Active Directory Support
User, Public
public at seajay.com
Mon Jan 5 18:04:54 UTC 2004
Or does Windows REQUIRE a closed AD-integrated zone (sub or root) using =
Windows DNS servers?
Christopher P. Jenkins, Senior Consultant
Concordant, Inc.
P: 508-820-3080
F: 508-820-4367
C: 508-241-7415
E: chris.jenkins at concordantinc.com
-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On =
Behalf Of phn at icke-reklam.ipsec.nu
Sent: Monday, January 05, 2004 12:26 PM
To: comp-protocols-dns-bind at isc.org
Subject: Re: Active Directory Support
User, Public <public at seajay.com> wrote:
> Content-Type: text/plain;
> charset=3D"us-ascii"
> Content-Transfer-Encoding: quoted-printable
> Hello,
> I am looking to consolidate DNS to a single platform for all systems =
on
> our network. Currently BIND8 is being used for all name resolution. =
We
> will be adding a large Active Directory environment, and am looking =
for
> the best way to implement DNS. What we do not want is all WinXP/2000
> workstations DNS entries to show up in the BIND files, but want the AD
> and Windows DNS to synchronize, but not completely. I am envisioning
> having DNS on Windows handle the AD servers and workstations, and the
> BIND8 servers to handle everything else. I would like to have all
> entries in BIND8 synced to AD DNS, but not the other way. My =
questions
> are as follows:
> =3D20
> Can I currently do this with BIND8? Need to implement BIND9?
> =3D20
> Can I have BIND9 be the primary AD DNS supporting DDNS? Does this =
need
> to support GSS-TSIG updates?
> =3D20
> What are the possibilities of having BIND8 be primary to Windows DNS
> servers, and keep our administration in BIND8 rather than move over to
> Windows DNS for central DNS administration?
> =3D20
> I know this may pose more questions for Microsoft DNS folks, but I =
want
> to get the capabilities of BIND to see if it will be possible to
> maintain BIND as the central DNS service for the whole environment.
> =3D20
> Thanks,
> Chris
> =3D20
> =3D20
> =3D20
> <http://www.concordantinc.com>=3D20
> Christopher P. Jenkins, Senior Consultant
> Concordant, Inc.
> P: 508-820-3080
> F: 508-820-4367
> C: 508-241-7415
> E: chris.jenkins at concordantinc.com
> =3D20
Isn't the most obvious design applicable ? Placing ad in a sub-domain
and having wintendo nameservers servicing that subdomain ?
> -- Binary/unsupported file stripped by Ecartis --
> -- Type: image/jpeg
> -- File: image001.jpg
> -- Desc: image001.jpg
--=20
Peter H=E5kanson =20
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam =
out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list