DNS AD & Internet

rohail khan rohailkaz at yahoo.com
Sun Aug 26 22:32:15 UTC 2001



--- Js Op de Beeck <js_opdebeeck at innovons.net> wrote:
> Sorry for my engish I'm French
> 
> I don't want to take risks.
> 
> I'm planning Win2000 AD migration and I'm doing
> tests:
> 
> I had created DNS  (mydomain.CORP) to use in Windows
> 2000 Directory (for
> internal request and resources)
> My entreprise has Unix Primary DNS for outgoing
> request (mydomain.COM)
> provided by ISP.
> 
> How to configure clients and/or servers to use
> Windows 2000 DNS for local
> requests and Unix DNS for external request ( I don't
> want publish my local
> resources to the Internet).
> 
> Thanks
> 
> Op de Beeck Js
Hi, 
I might be late in responding but I think I can help
you with that.
Start from here :
UNIX DNS authoritative for : abc.com
MS DNS authoritative for: ad.abc.com
Assuming you have one MS DNS Server (Name:
W2KServer2).
Assuming you have on W2K Active Directory DC
(W2Kserver1).

Two ways either you are allowed to mess up with your
BIND DNS or You dont want to do that..

If you are allowed:
1. Bind Delegation to ad.abc.com MS DNS is necessary.
2. Your MS DNS should use BIND as forwarder.
3. Bind Should accept Dynamic updates. 
4. Bind should ignore Illegal characters for records
updates (I mean it should ) of "_" underscores. Let me
know if you want to know how.
5. Every W2K Server will register
gc._msdcs.DnsForestName to BIND.

If you are not allowed or dont want to:
1. Bind Delegation to MS DNS for four Zones:
_msdcs.abc.com
_sites.abc.com
_tcp.abc.com
_udp.abc.com

2. Dynamic update for 
abc.com IN A (W2K Server IP)


Remember:
Even if some of your W2KServers are in ad.abc.com
They will try to register 5 records
for(approximation):
_msdcs.abc.com
13 records for :
ad.abc.com
2 records:
_sites.abc.com
one more more records for:
_tcp.abc.com, _udp.com

It is wise to have option no. 2. Because you dont want
to MS DNS, and Servers to mess up with you Unix Bind.

Regards
Shoaib Qazi
Graduate Assistant
UAB.



=====


__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/


More information about the bind-users mailing list