Integrating BIND with Active Directory
Ron Hall
thorn at cc.mcgill.ca
Wed Sep 11 14:32:50 UTC 2002
> I do not see what is so complicated. In the example.com zone on
> the BIND master server, add these four lines:
>
> _msdcs IN NS w2kdns.example.com.
> _sites IN NS w2kdns.example.com.
> _tcp IN NS w2kdns.example.com.
> _udp IN NS w2kdns.example.com.
>
> These delegate the four "_" zones to the W2k DNS server.
> In the four zones
>
> _msdcs.example.com
> _sites.example.com
> _tcp.example.com
> _udp.example.com
>
> on the W2k DNS server (w2kdns.example.com) list the BIND server as a
> slave for each of the four "_" zones. Depending upon how you configure
> zone transfers on the W2k DNS, you might have zone transfer problems.
> I believe this has been posted previously; check the list archives.
And I have this and it does work. That part was easy :)
I'm looking for any "gotchas" that need to be added to the conf
files that I don't know about.
The problem is that the security people would like to hide the
AD servers behind a firewall so that any update requests
that go to the "main" BIND servers are "passed" on to the
AD servers so that the 53 port for the AD servers need only
"know" about the "main" BIND servers. At least that is their
hope. I personally don't think it works that way, but I get
to ask and accomplish 1 of 3 things:
1) I get told how to do it.
2) I get told that it is not doable.
3) I make an ass of myself.
Personally I end up at 3 a lot, but I also get the answers
I think I need :) So we take the good with the bad :)
Thanks for your time and patience and of course your answer.
HTH
As Always
r
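
The BIND side of the arrangement described in the quoted text, as an added example that is not part of the original post or written by either poster: named.conf stanzas making the BIND server a slave for the four delegated "_" zones. The address 192.0.2.10 for w2kdns.example.com and the file names under slave/ are assumptions.

```conf
// Added example. 192.0.2.10 is a constructed placeholder address for
// w2kdns.example.com; the file names under slave/ are hypothetical.
//
// Traffic this needs through a firewall in front of the W2k DNS server:
//   BIND -> W2k  53/udp  SOA refresh queries
//   BIND -> W2k  53/tcp  zone transfers
//   W2k -> BIND  53/udp  NOTIFY, if the W2k server is set to send it
//
// Each zone on the W2k DNS server must permit zone transfers to this
// BIND server's address, otherwise the transfers are refused.

zone "_msdcs.example.com" {
    type slave;
    masters { 192.0.2.10; };          // pull the zone from the W2k DNS server
    file "slave/_msdcs.example.com";
    allow-transfer { none; };         // no onward transfers from this slave
};

zone "_sites.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/_sites.example.com";
    allow-transfer { none; };
};

zone "_tcp.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/_tcp.example.com";
    allow-transfer { none; };
};

zone "_udp.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/_udp.example.com";
    allow-transfer { none; };
};
```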
More information about the bind-users
mailing list