Active Directory Security Concern

Wed Dec 4 19:13:14 UTC 2002

In article <asjkau$3700$1 at isrv4.isc.org>,
Kevin Darcy  <kcd at daimlerchrysler.com> wrote:

>tom thumb wrote:

>> All,

>> Unfortunately we are going to be upgrading to Active Directory

>Sorry to hear it.

...

>some folks prefer a "half-and-half" solution where they just delegate
>the "underscore" subdomains, e.g. _tcp, _udp, _msdcs to a Microsoft
>DNS/AD server and let it manage those itself. This leaves the main
>domain(s) running on your existing DNS infrastructure without having to
>open up Dynamic Update.

  Exactly what we've done with success.  Here's a handy site at Yale
that covers many of the issues:

   http://wss.yale.edu/win2k/ad-and-ddns.html

Bob
-- 
----------------------------------------------------------------------------
|Bob Rahe, Delaware Tech&Comm Coll. /                                      |
|Computer Center, Dover, Delaware /                                        |
|Internet: bob at dtcc.edu  (RWR50) /                                         |
----------------------------------------------------------------------------