BIND 8.2.2 P5 DNS and W2K AD & Domain controllers
Barry Finkel
b19141 at achilles.ctd.anl.gov
Wed Nov 1 13:57:58 UTC 2000
Kevin Darcy wrote in reply to Son Nguyen:
>Note that it is not _strictly_ necessary to allow domain controllers to
>directly dynamically-update DNS. There has been talk here, and
>experimentation, in just grabbing the
>C:\WINNT\SYSTEM32\CONFIG\NETLOGON.DNS files from the domain controllers and
>throwing their contents into the DNS zones. Then you wouldn't even have to
>create those _tcp/_udp/etc. subzones, and you could control the timing of the
>updates (and associated zone transfers, etc.)
This will work for the initial netlogon file from each DC. But as
services on the DC are terminated, and as new services are started,
the DC will attempt to de-register or register the services. And,
it appears that MS does not trust DDNS, as the DCs will re-register
its services at periodic intervals just to insure that the SRV records
have not disappeared.
----------------------------------------------------------------------
Barry S. Finkel
Electronics and Computing Technologies Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-9689
Building 221, Room B236 Internet: BSFinkel at anl.gov
Argonne, IL 60439-4844 IBMMAIL: I1004994
More information about the bind-users
mailing list