ISC Bind in Active Directory
Aaron Thompson
athompson at berklee.edu
Mon Oct 22 17:33:17 UTC 2012
Michael, much appreciation for the feed back from our west coast Berkeley!
You wouldn't know or have a copy of that Gartner paper would you??
Best,
Aaron
-
Aaron Thompson
Network Architect for IT Operations
Berklee College of Music
1140 Boylston Street, MS-186-NETT
Boston, MA 02215-3693
www.berklee.edu
617.747.8656
Twitter: @thomp318
On Oct 18, 2012, at 5:00 PM, Michael Sinatra <michael at RANCID.BERKELEY.EDU> wrote:
> On 10/18/12 11:03 AM, Aaron Thompson wrote:
>> Hi All,
>>
>> I'm hopping to get some feedback from people who use ISC Bind and DHCPD
>> in Active Directory environments.
>>
>> Currently we use Bind/DHCPD for dynamic DNS and DHCP. It's been a
>> pretty stable service, redundant and we are polling statistics with
>> Cacti. There is concern by Management of using a somewhat non standard
>> approach for Active Directory SRV records being handled by ISC services
>> and not AD.
>
> Microsoft may tell management that it's non-standard, but it's not.
> What you're describing is very common, especially among EDUs.
>
> Management's attitude appears to be based on two myths:
>
> 1. You must use AD integrated DNS for your AD installation.
> 2. You must use DDNS for your AD installation (at least for the relevant
> SRV records).
>
> Neither of these are true, and plenty of places have gotten by for at
> least a decade with *static* SRV records in a BIND server.
>
> A few years ago, Gartner did a paper where they discussed "new features"
> that Microsoft claims "require" AD-integrated DNS. Gartner's conclusion
> was that this is basically not true and that if the current BIND-AD
> integration is working for you, then you should stick with it.
>
> [snip]
>
>> Overall it's been a very stable design for the last 5+ years.
>
> It sounds like something that's not broken and shouldn't be fixed.
> Again, this is the experience at other EDUs.
>
>> If you have any relevant feed back I would appreciate it. I'm looking
>> for information on experience with Active Directory integration with ISC
>> or if anyone has had problems/stability issues with AD doing DNS/DHCP or
>> AD working with ISC.
>>
>> Thanks in advance.
>>
>> Here's a brief survey <http://www.surveymonkey.com/s/2VYNKWR> for
>> Schools that have ISC running in an AD environment.
>>
>> http://www.surveymonkey.com/s/2VYNKWR
>
> Done, on behalf of the "other" Berkeley. :)
>
> michael
>
More information about the bind-users
mailing list