Is this possible

Barry Finkel b19141 at achilles.ctd.anl.gov
Wed Feb 25 16:05:22 UTC 2004


"Robb Edge" <Robb.Edge at savant.co.uk> wrote:

>In the final stages of Active Directory planning, but one thing that keeps
>nagging me is DNS.
>Currently run Bind on VMS for all our DNS needs.
>Planning to run the DNS on a W2K3 server for the active directory
>requirements and to stop Bind from getting all the updates.
>Adding NS entries to bind for the 4 zones I need to delegate to the 2K3
>server.
>This also helps in that I don't have to go round re-configuring all my
>desktops with new DNS servers.
>Now the niggling bit.
>When I finish I'll have 1 AD dns server, which is fine and dandy till it
>falls over at which point I'm stuffed.
>If I set up a 2nd 2K3 server with DNS and have it as a secondary zone, what
>do I need to add to Bind so that clients will see it if I lose the master
>zone?

If I understand your question correctly (my interpretation is different
than Kevin Darcy's in his reply), you are worried what will happen if
your W2k3 AD DNS Server is unavailable for some reason.  I assume
that you have followed the advice I have given in this forum and in
its sister forum (bind9-users at isc.org) - have your BIND servers be
slaves for the six W2k3 AD zones.  That way, all of your various
clients (Unix, PC, Mac, etc.) will not have to change their DNS
configurations, as the new AD zones will be slaved on the servers that
are currently listed in the TCP/IP configuration on those machines.

Unless you are doing work with the Domain Controllers, the SRV and
CNAME records in the AD zones will not be changing frequently.  There
should be no problem if your AD DNS Server is down for a while because
all of its zone data will be slaved on your BIND servers.  You cannot
remove or add a DC if the W2k3 DNS Server is down, but the likelihood
of that happening is small.

You could set up a second W2k3 DNS Server to be a slave for the zone,
but why do it?  You could have the W2k3 zones AD-integrated, so each
W2k3 DNS Server would be a "master", but then you run into serial
number problems as documented in MS article 282826.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Instrumentation Solutions Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994
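
The slave arrangement described in the reply above, sketched as a named.conf fragment. This is an added example, not part of the original message or the poster's own configuration. Assumptions: the AD domain is ad.example.com, the W2k3 DNS server is 192.0.2.10, and the six zones are the usual AD underscore zones plus the two W2k3 application-partition zones.

```conf
// Constructed example: ad.example.com and 192.0.2.10 are placeholders.
// Each AD zone is pulled from the W2k3 DNS server, so the BIND servers
// that clients already use keep answering if that server is down.
// allow-transfer { none; } stops these slaves from handing the full
// zone contents (the list of DCs and services) to arbitrary hosts.

zone "_msdcs.ad.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/_msdcs.ad.example.com";
    allow-transfer { none; };
};
zone "_sites.ad.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/_sites.ad.example.com";
    allow-transfer { none; };
};
zone "_tcp.ad.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/_tcp.ad.example.com";
    allow-transfer { none; };
};
zone "_udp.ad.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/_udp.ad.example.com";
    allow-transfer { none; };
};
zone "DomainDnsZones.ad.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/DomainDnsZones.ad.example.com";
    allow-transfer { none; };
};
zone "ForestDnsZones.ad.example.com" {
    type slave;
    masters { 192.0.2.10; };
    file "slave/ForestDnsZones.ad.example.com";
    allow-transfer { none; };
};
```

The W2k3 server must permit zone transfers to the BIND slaves' addresses for these zones to load.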


