Bind + Active Directory
Barry Finkel
b19141 at achilles.ctd.anl.gov
Mon Mar 13 15:32:22 UTC 2006
Daniel Costello <danielc at clinedavis.com> wrote:
>We use Bind as the main DNS in our environment as well. Here are a
>couple articles I used when implementing this setup. If you run into
>any problems. I'd be more than happy to pass on any info I've gained
>during the process.
>
> http://www.linux-mag.com/2001-03/bind_01.html
> http://ops.ietf.org/dns/dynupd/secure-ddns-howto.html
The second URL discusses DHCP and DDNS. But the security model with
MS DHCP, MS W2k workstation self-registration, or AD DC SRV registration
is different from that implemented in BIND. So, if you want MS DDNS
to interact with BIND in a secure way, you can't. That is why I
placed the AD-related zones on a MS W2k DNS Server. When I initially
did that, there were a number of problems with MS DNS-BIND interaction.
Those have since been resolved with fixes to the MS DNS code. I have
not had a major problem in a number of years.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: BSFinkel at anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994
More information about the bind-users
mailing list