unapproved update, W2K, bind 8.2.2_P5-9

LYle Meier lmeier at neosoft.com
Sun May 14 17:25:41 UTC 2000 

For both security and partitioning reasons the srv records created by domain
controllers on
W2k (Active Directory) should go in a distinct zone from machine records.
You have to go into the
control panel where you change the machines workgroup or domain name, and
click the advanced tab
to allow you to unclick the change machines name when domain membership
changes box. This must be done on
all workstations.
Next when doing the dc promo, set up the dns name of the domain to a new
zone and let w2k host this zone.
If not totally hosted on w2k DNS set up the zone first with the needed
records.

By doing things this way your machines A records can be hosted on a bind
server,while the
srv records required are in a separate zone. This allows one to only allow
w2k to manipulate that
zone making crashing the w2k side less likely.
Robert Vojta <robert.vojta at clark.cz> wrote in message
news:20000514103133.A22945 at penguin.clark.cz...
> Hi,
>   I've got this problem and I don't know if I understand very well things
> from http://www.nominum.com/resources/bind-faq.html#w2k. We have got
> network from several computers where one linux machine is router, second
> linux machine is my workstation and others are W2K ;-( Bind is running
> on router and I've got a lot of messages like $SUBJ. In this FAQ was
something
> like: 'we recommend that the Active Directory be a seperate zone'. What
> does it mean? I don't know how Active Directory and other stuff from
> Windows works. May I put all W2K machines with Active Directory to
separate
> zone or what? Is active directory on machine something like virtual
machine?
> May I put all machines expcept mine workstation to separate zone? It looks
> like nonsence (all machines to next zone), what may I do with that?
>
>   Best regards,
>     Robert Vojta
>
> --
>
>  Robert Vojta                                               \)/ .-.
>                                                              /,(o,o)
>  Clark NetProject, spol. s r.o.                             ()  (w)
>  Okruzni 29a                                         /_ ___  \\,=",
>  63800 Brno                                          '-()-()   =/=\\
>                                                     //\\||  ==== ()
>  ICQ: 64746424, mobil: 0608-170783                   /`  \\|  ="=  `|
>                                                    =="    `(0V0)    '--
>
>
>
>
>

More information about the bind-users mailing list