Active Directory Support

phn at phn at
Mon Jan 5 17:26:24 UTC 2004

User, Public <public at> wrote:
> Content-Type: text/plain;
> 	charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
> Hello,
> I am looking to consolidate DNS to a single platform for all systems on
> our network.  Currently BIND8 is being used for all name resolution.  We
> will be adding a large Active Directory environment, and am looking for
> the best way to implement DNS.  What we do not want is all WinXP/2000
> workstations DNS entries to show up in the BIND files, but want the AD
> and Windows DNS to synchronize, but not completely.  I am envisioning
> having DNS on Windows handle the AD servers and workstations, and the
> BIND8 servers to handle everything else.  I would like to have all
> entries in BIND8 synced to AD DNS, but not the other way.  My questions
> are as follows:
> =20
> Can I currently do this with BIND8?  Need to implement BIND9?
> =20
> Can I have BIND9 be the primary AD DNS supporting DDNS?  Does this need
> to support GSS-TSIG updates?
> =20
> What are the possibilities of having BIND8 be primary to Windows DNS
> servers, and keep our administration in BIND8 rather than move over to
> Windows DNS for central DNS administration?
> =20
> I know this may pose more questions for Microsoft DNS folks, but I want
> to get the capabilities of BIND to see if it will be possible to
> maintain BIND as the central DNS service for the whole environment.
> =20
> Thanks,
> Chris
> =20
> =20
> =20
>   <>=20
> Christopher P. Jenkins, Senior Consultant
> Concordant, Inc.
> P:  508-820-3080
> F:  508-820-4367
> C:  508-241-7415
> E:  chris.jenkins at
> =20

Isn't the most obvious design applicable ? Placing ad in a sub-domain
and having wintendo nameservers servicing that subdomain ?

> -- Binary/unsupported file stripped by Ecartis --
> -- Type: image/jpeg
> -- File: image001.jpg
> -- Desc: image001.jpg

Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list