Windows 2K DC A Record Visible When Running Nslookup against domain name
Barry Finkel
b19141 at achilles.ctd.anl.gov
Fri Jan 26 15:13:19 UTC 2001
Vyto Grigaliunas [mailto:vyto at fnal.gov] replied to Bill Smith:
>I've noticed that two and I think it's because the W2K DC's create A records
>associated with the domain itself as well...why, I don't know (I seem to say
>that a lot about Microsoft), but then again we're just starting to set up a
>testbed...probably how AD clients find their DC's ???
"Jim D. Kirby" <jdkirby at bluebunny.com> replied to Vyto:
>I've noticed this as well. Or suspicion is it's just MS's way of taking
>control of the zone. It does not overwrite any existing A records, but we
>did not want our DCs populated this way and have disabled updates to the
>primary zone file. We did create _msdcs, _tcp, _udp, and _sites subdomains
>under the primary zone and allow the DCs to update those zones. AD/Win2K
>clients find their DCs from those zones.
I believe that Vyto is correct. Each DC in a Win2k domain will
register its address in DNS - for example,
anl.gov IN A 192.168.1.11
anl.gov IN A 192.168.4.10
That is how the Win2k clients find the addresses of the DCs. In our
testbed and production networks I have the four "_" zones on a Win2k
DNS (this may change) where I alllow DDNS. I do not allow DDNS to the
anl.gov
zone, so for each of our DCs for that top-level Win2k domain I
registered the "A" record manually. I do not expect that our top-level
DCs will change IP addresses in the future, so there is no need for the
"A" records to be dynamic.
We are still working on configurations for the sub-domains of anl.gov.
----------------------------------------------------------------------
Barry S. Finkel
Electronics and Computing Technologies Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-9689
Building 221, Room B236 Internet: BSFinkel at anl.gov
Argonne, IL 60439-4844 IBMMAIL: I1004994
More information about the bind-users
mailing list