Recommendations on integrating BIND and AD

Barry Finkel b19141 at achilles.ctd.anl.gov
Fri Jan 30 16:35:15 UTC 2004 

"Bell, William  IT" <WBell at mvphealthcare.com> wrote a long post
concerning W2k Active Directory and BIND.  I will not re-post the entire
text here, nor will I comment on what Kevin Darcy replied (because I
agree with Kevin).  I will add a few comments:

1) What DNS servers do your Windows clients use now for DNS resolution?
   I assume that they are configured to use your BIND servers.  If you
   begin to use a MS W2k DNS Server as a master, then it would be wise
   to have those zones slaved on your BIND servers.  If you don't,
   then you will have to change the DNS configuration on each of the
   W2k workstations.

2) What I have done is this:

   a) Delegate the four (or six) "_" zones to a MS W2k DNS Server.
   b) I have only ONE MS W2k DNS Server, but I have four Domain
      Controllers.  The single master avoids serial number issues
      (see MS article 282826).  I have 86 "_" zones on that server.
   c) I slave the "_" zones on my BIND servers for the reason stated
      above.
   d) I have one forward zone and its five reverse subnet zones
      mastered on the W2k (now W2k+3) DNS Server, controlled by one
      MS W2k DHCP Server.  I did this as a test and because the owner
      of the zone insisted that I do it.  At the time he was using
      DHCP with dynamic address assignments because he had more machines
      than would fit in two Class-C subnets.  When he converted to W2k
      we gave him two additional Class-C subnets, so he was no longer
      short on address space.  But he still wanted dynamic DNS
      controlled by DHCP.  If anyone is interested in the DHCP problems
      I am seeing, contact me off-line, as this is a BIND discussion
      group, not an MS DHCP group.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Instrumentation Solutions Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994

More information about the bind-users mailing list