Active Directory Security Concern

Bob Rahe bob at
Wed Dec 4 19:13:14 UTC 2002

In article <asjkau$3700$1 at>,
Kevin Darcy  <kcd at> wrote:

>tom thumb wrote:

>> All,

>> Unfortunately we are going to be upgrading to Active Directory

>Sorry to hear it.


>some folks prefer a "half-and-half" solution where they just delegate
>the "underscore" subdomains, e.g. _tcp, _udp, _msdcs to a Microsoft
>DNS/AD server and let it manage those itself. This leaves the main
>domain(s) running on your existing DNS infrastructure without having to
>open up Dynamic Update.

  Exactly what we've done with success.  Here's a handy site at Yale
that covers many of the issues:

|Bob Rahe, Delaware Tech&Comm Coll. /                                      |
|Computer Center, Dover, Delaware /                                        |
|Internet: bob at  (RWR50) /                                         |

More information about the bind-users mailing list