BIND and AD integration

John Welch jrw3319 at nospamcomcast.net
Thu Mar 10 22:37:37 UTC 2005 

I found the "BIND + AD HOWTO" by doing a Google search.  Here's the
link:

http://www.ibiblio.org/gferg/ldp/BIND+AD-HOWTO/BIND+AD-HOWTO.html

It looks like it may have been part of the Linux Documentation Project
at some point.  The document also talks about future versions, but I
couldn't find any.  This is part of what made me question whether or
not the information was still valid.


On Thu, 10 Mar 2005 09:52:53 +0100 (MET), "Tom Schmitt"
<TomSchmitt at gmx.de> wrote:

>Hi,
>
>> I came across the "BIND + AD HOWTO" and
>
>Where do you found this? Do you have a link?
>
>> Both describe the setup of four sub-domains
>> with the the BIND configuration (_msdcs, _sites, _tcp, and _upd). 
>
>Yep. This is the way we did it too. And it works fine with Windows2003.
>
>
>> I'd also be interesting in hearing from anyone
>> that has this type of setup (any "gotchas", or major configuration
>> changes to be aware of?).
>
>The changings between the AD of W2K and W2003 are internal and do not
>concern the DNS/DHCP. (But none the less: The changes are very important,
>especially if you are a bigger company, because the the AD of W2K did not
>scale).
>
>There are two points in the interwork with AD:
>Windows uses another RFC for signing the dynamic DNS-Updates than Bind does.
>They do not understand each other. So: For allowing the DC's writing their
>Updates in the four Service-Zones (_msdcs etc.) you have to permit on
>IP-base instead of using a secure key.
>
>Second: For using the ISC DHCP you should disable in the Registrie of all
>your Windows-PCs the default behaviour to register themself. It does not
>really harm, if you don't disable ist, but you have a lot of unnessisary
>traffic and big error-logfiles.
>
>Tom.
>
>-- 
>DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen!
>AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl
>
>-- 
>DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen!
>AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl

More information about the bind-users mailing list