+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 20 of 20
Windows Thread, DNS HELP in Technical; Yep, but with both W2K Server and server 2003 if you start forcing manual updates with that it can play ...
  1. #16

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614

    Re: DNS HELP

    Yep, but with both W2K Server and server 2003 if you start forcing manual updates with that it can play merry hell with AD integrated DNS ... and if you are using DHCP to auto update your DNS then I have seen this bugger up the AD.

    Don't get me wrong ... I think BIND is the dog's ... but I have yet to find a way to make a *nix box the master for all DNS within a school without having to jump through hoops, and then it is not the *nix box that has problems ... far from it ... but the AD DCs ... resulting in GPOs not applying, machines not picking up kerberos tokens and so the cannot authenticate against anything.

    I had a good search round for possible options (leading to playing a bit more with SfU 3.5) and the best *working* solution (best being easiest to set up and the least administration afterwards) seemed to be having the principal domain of the school looked after by the AD DCs and the main website or important machines being on the *nix box. The AD DNS calls it's requests from the *nix box and everyone is happy.

    If someone could talk through making a *nix box the master for all DNS info in a mixed platform environment I know I would appreciate it. The chance to have a proper DNS would be lovely.

  2. #17


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,033 Times in 813 Posts
    Rep Power
    341

    Re: DNS HELP

    AFAIK all that needs to be done is configure the SRV records
    There is a guide here:
    http://www.linuxquestions.org/linux/...ectory_Queries

  3. #18

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614

    Re: DNS HELP

    Yep ... saw a similar set of instructions to that before ... though that link if far mor descriptive (but it does avoid the issues of weighting records)

    But it still doesn't point out how I can allow the secure dynamic updating of SVR records, or secure updating of DNS records of workstations that are using DCs as their primary DNS source.

    I know you could argue that you don't need the DCs as your primary DNS source but then you get into problems with kerberos being pants with authentication (usually a date-time stamp issue).

    Those are the solutions I am looking for and why I said that I still believe that DCs should do your Primary DNS (but only for windows machines really ...)

  4. #19


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,033 Times in 813 Posts
    Rep Power
    341

    Re: DNS HELP

    I know you could argue that you don't need the DCs as your primary DNS source but then you get into problems with kerberos being pants with authentication (usually a date-time stamp issue)
    The article was referring to BIND as a replacement, as long as the kerberos SRV records are in place then kerberos issues are usually due to clock skew -set a time server in DHCP.
    Bind 8 does support dynamic updates, MS describes configuring Domain Controllers to use BIND DNS servers here:
    http://www.microsoft.com/technet/arc....mspx?mfr=true

  5. #20

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,850
    Thank Post
    110
    Thanked 598 Times in 514 Posts
    Blog Entries
    1
    Rep Power
    227

    Re: DNS HELP

    You could always delegate the _tcp_, _ldap_, _kerberos_ sub zones to your Windows DNS server and leave you *nix box running the primary DNS zone.

    But as I said, you just need to pull that text file out of each DC. Combine the resulting SRV records together and your sorted. You can either do this manually once, or write a script to do it automagically.



SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •