ISC Bind in Active Directory

Phil Mayers p.mayers at imperial.ac.uk
Wed Oct 24 17:33:45 UTC 2012


On 24/10/12 16:54, Kevin Darcy wrote:

> Why do you feel the need to register clients in your AD domain at all?
> We register our clients outside of the AD domain via the DHCP server;

Our experience is that this can cause (minor) problems.

The basic issue is that, if you have an AD realm:

EXAMPLE.COM

...and a machine:

foo

...then windows tries very hard to stick its fingers in its ears, shout 
"la la I am not listening" and assume its hostname is:

foo.example.com

You have to fiddle around extensively to make the client *think* it's 
name is what it really is, and it has never been clear to me what the 
implications of doing so are.

This can matter if you have systems that trust the clients own idea of 
the hostname (e.g. vPro/AMT enterprise provisioning) or if you have 
support staff who want to be able to right-click on a machine from the 
"AD users & computers" snap-in and click "manage".

If people have any insight into an easy way of updating clients with the 
correct idea of their own DNS hostnames, and can explain how this 
interacts with the per-connection DNS suffix stuff in the IP stack, I 
would be very grateful!



More information about the bind-users mailing list