BIND and AD integration
Tom Schmitt
TomSchmitt at gmx.de
Thu Mar 10 08:52:53 UTC 2005
Hi,
> I came across the "BIND + AD HOWTO" and
Where do you found this? Do you have a link?
> Both describe the setup of four sub-domains
> with the the BIND configuration (_msdcs, _sites, _tcp, and _upd).
Yep. This is the way we did it too. And it works fine with Windows2003.
> I'd also be interesting in hearing from anyone
> that has this type of setup (any "gotchas", or major configuration
> changes to be aware of?).
The changings between the AD of W2K and W2003 are internal and do not
concern the DNS/DHCP. (But none the less: The changes are very important,
especially if you are a bigger company, because the the AD of W2K did not
scale).
There are two points in the interwork with AD:
Windows uses another RFC for signing the dynamic DNS-Updates than Bind does.
They do not understand each other. So: For allowing the DC's writing their
Updates in the four Service-Zones (_msdcs etc.) you have to permit on
IP-base instead of using a secure key.
Second: For using the ISC DHCP you should disable in the Registrie of all
your Windows-PCs the default behaviour to register themself. It does not
really harm, if you don't disable ist, but you have a lot of unnessisary
traffic and big error-logfiles.
Tom.
--
DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen!
AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl
--
DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen!
AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl
--
SMS bei wichtigen e-mails und Ihre Gedanken sind frei ...
Alle Infos zur SMS-Benachrichtigung: http://www.gmx.net/de/go/sms
More information about the bind-users
mailing list