Moving an AD Zone from Windows to BIND

bsfinkel at anl.gov bsfinkel at anl.gov
Thu Jul 23 20:06:58 UTC 2009


This is not really a BIND-related question, but I thought that maybe
some people on this list can point me in the right direction.
Maybe someone has already done what I need to do.

I have one zone

     xxx.yyy.example.com

that is on a Windows DNS server, completely under the control of
Windows.  This zone is slaved on my BIND servers.  Within this zone
are the AD records

     ForestDNSZones.xxx.yyy.example.com
     DomainDNSZones.xxx.yyy.example.com
     _msdcs.xxx.yyy.example.com
     _sites.xxx.yyy.example.com
     _tcp.xxx.yyy.example.com
     _udp.xxx.yyy.example.com

What I need is a procedure that I can use to move the base zone

     xxx.yyy.example.com

to BIND, while keeping the six AD zones on the Windows DNS Server.
If I were to define the six AD zones on the Windows DNS Server,
would the SRV, CNAME, and other AD records move to the new zones
automatically?  I have no problem taking the zone file on one of my
BIND slaves, removing the AD records, adding delegations for the six
AD zones, and making this file into a master.

The reason I need this is DNSSEC, which will not work on MS dynamic
zones.  If I can split the non-AD piece of the zone into BIND, I
will have solved my problem, as the six AD zones do not have to be
accessible from off-site, and thus I will not have to sign them.
Thanks.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994
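
The zone-file edit described in the message (remove the AD records, add delegations for the six AD names), sketched as an added example that is not part of the original post. The name server dc1.xxx.yyy.example.com., the addresses, and the sample records are constructed; the input is assumed to have one record per line with a fully qualified owner name.

```python
# Added example: drop the AD subtrees from a zone dump and delegate them.
# Assumes one record per line with a fully qualified owner name first.
ORIGIN = "xxx.yyy.example.com."
AD_LABELS = ["ForestDNSZones", "DomainDNSZones", "_msdcs", "_sites", "_tcp", "_udp"]

# Constructed sample records (hypothetical hosts, documentation addresses).
SAMPLE = """\
xxx.yyy.example.com. 3600 IN SOA dc1.xxx.yyy.example.com. hostmaster.xxx.yyy.example.com. 42 900 600 86400 3600
xxx.yyy.example.com. 3600 IN NS dc1.xxx.yyy.example.com.
dc1.xxx.yyy.example.com. 3600 IN A 192.0.2.10
www.xxx.yyy.example.com. 3600 IN A 192.0.2.20
_ldap._tcp.xxx.yyy.example.com. 600 IN SRV 0 100 389 dc1.xxx.yyy.example.com.
_ldap._tcp.dc._msdcs.xxx.yyy.example.com. 600 IN SRV 0 100 389 dc1.xxx.yyy.example.com.
ForestDnsZones.xxx.yyy.example.com. 600 IN A 192.0.2.10
my_tcp.xxx.yyy.example.com. 3600 IN A 192.0.2.30
""".splitlines()


def in_subtree(owner, apex):
    """True when owner is the apex itself or a name below it (DNS is case-insensitive)."""
    owner, apex = owner.lower(), apex.lower()
    return owner == apex or owner.endswith("." + apex)


def split_zone(lines, origin, ad_labels, nameservers, ttl=3600):
    """Return (kept_lines, removed_lines, delegation_lines)."""
    apexes = [f"{label}.{origin}" for label in ad_labels]
    kept, removed = [], []
    for line in lines:
        fields = line.split()
        # Blank lines, comments and $-directives pass through unchanged.
        if not fields or fields[0].startswith((";", "$")):
            kept.append(line)
            continue
        if any(in_subtree(fields[0], apex) for apex in apexes):
            removed.append(line)  # record now belongs to a delegated AD zone
        else:
            kept.append(line)
    delegations = [f"{apex}\t{ttl}\tIN\tNS\t{ns}" for apex in apexes for ns in nameservers]
    return kept, removed, delegations


if __name__ == "__main__":
    kept, removed, delegations = split_zone(SAMPLE, ORIGIN, AD_LABELS, ["dc1.xxx.yyy.example.com."])
    print("\n".join(kept + delegations))
```

The apex SOA and NS records in the kept output still name the Windows server and have to be edited before the file is loaded as a master.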


