Active Directory Security Concern
Bob Rahe
bob at hobbes.dtcc.edu
Wed Dec 4 19:13:14 UTC 2002
In article <asjkau$3700$1 at isrv4.isc.org>,
Kevin Darcy <kcd at daimlerchrysler.com> wrote:
>tom thumb wrote:
>> All,
>> Unfortunately we are going to be upgrading to Active Directory
>Sorry to hear it.
...
>some folks prefer a "half-and-half" solution where they just delegate
>the "underscore" subdomains, e.g. _tcp, _udp, _msdcs to a Microsoft
>DNS/AD server and let it manage those itself. This leaves the main
>domain(s) running on your existing DNS infrastructure without having to
>open up Dynamic Update.
Exactly what we've done with success. Here's a handy site at Yale
that covers many of the issues:
http://wss.yale.edu/win2k/ad-and-ddns.html
Bob
--
----------------------------------------------------------------------------
|Bob Rahe, Delaware Tech&Comm Coll. / |
|Computer Center, Dover, Delaware / |
|Internet: bob at dtcc.edu (RWR50) / |
----------------------------------------------------------------------------
More information about the bind-users
mailing list