Interoperability Issues W2k/Bind

Michael J. Pape papem at union.edu
Mon Jan 29 13:44:45 UTC 2001



Microsoft's help files (search on "active directory" - select
"Interoperability issues") state that you can root your DNS and your Active
Directory domain to the same second-level DNS domain name. i.e., xyz.com can
serve as the root for your Unix DNS and your Windows DNS.

Is this correct? If so, could someone be so kind as to post the
conf/database entries I'd need to make on the Unix side to delegate the
_msdcs and _ldap zones correctly.

Furthermore, if this is possible, would it also be possible to root both
domains to the same second-level name without using W2k DNS, i.e., just
using BIND on Unix?

Thanks...



EXCERPT FROM MICROSOFT'S HELP FILE...

...

2. Create multiple subdomains based on your DNS second-level domain to
support registration of Active Directory in DNS.

For example, if your organization has a registered second-level DNS domain
name already in use (such as microsoft.com), you can create additional
subdomains that are delegated to Windows DNS servers and used only for
registering DNS names related to Active Directory.

This method is more complex to implement, but enables less change to your
currently deployed DNS infrastructure that is not Windows-based. With this
namespace design, you create only those additional subdomains and
appropriate zones needed to support your Active Directory deployment. For
example, in this configuration, the domain name microsoft.com is both the
root DNS and the root Active Directory domain name for your organization.

For this configuration, you first need to create zones for the following
subdomains using the DNS snap-in tool at a computer running DNS service and
Windows 2000 Server:

_msdcs.microsoft.com
_ldap._tcp.microsoft.com

Before these zones are created, you can delegate these subdomains away at
the primary zone for your parent or second-level domain name or notify
another DNS administrator who manages these zones for your organization to
do so. For more information, see Delegating zones.
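
The delegation step the excerpt describes, written as records for the parent zone file on a BIND master. This is an added example, not part of the original post or of Microsoft's help file; example.com, the host name w2kdns and the address 192.0.2.10 are placeholder assumptions.

```dns
; Constructed fragment for the parent zone file (example.com) on the BIND master.
; example.com, w2kdns and 192.0.2.10 are placeholders, not values from the post.
$ORIGIN example.com.

; Delegate the two Active Directory subdomains named in the excerpt
; to the Windows 2000 DNS server that will host those zones.
_msdcs        IN  NS  w2kdns.example.com.
_ldap._tcp    IN  NS  w2kdns.example.com.

; Address of the delegated server. The name sits in the parent zone itself,
; not below either delegation point, so this is ordinary authoritative data.
w2kdns        IN  A   192.0.2.10
```

After adding the records, increment the SOA serial and reload the zone. A non-recursive NS query for _msdcs.example.com against the BIND server should then return the NS record in the authority section as a referral.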


