On Fri, Jul 14, 2000 at 09:03:32AM -0700, EXT-Moore, Kirk W wrote:
Here's a question - more of a statement....
How many of you have ever let W2k update your DNS zone file. I am running Active directory, and to add a second server to the Domain, I had to give update authority to W2k for the SuSE server. After the update the zone file LOOKED a lot different. W2K had added the following:
_ldap 600 IN SRV 0 100 3268 granita.superiorwebsolutions. com. ;Cl=2 $ORIGIN _tcp.Default-First-Site-Name._sites.gc._msdcs.superiorwebsolutions.com. [Weird W2K dns stuff deleted]
Since allowing it to do that... The DNS on the W2k works with the SuSE bind 8 server very well. I am researching what all this means, and better how it affects the BIND server. Any ideas would be greatly appreciated, and anyone else ever seen this?
-- Kirk Moore
Microsoft has dumped most of its WINS stuff and other info into DNS. The scary thing about this is while Microsoft has added some features in their Bind 8 "compliant" DNS server so the boxes don't overwrite each other's info, standard BIND 8 does not have this enhancement. Therefore, you have to let just about everyone dynamically update your UNIX DNS server if you want to use things like active directory. I'm not sure how this works for secondaries -- you might be able to get away with only allowing updates from a primary windows DNS and let it go at that. The real stinky thing is you pretty much have to have a windows DNS for active directory, etc. to work, unless you want to throw out all of your DNS security. -- Andrew Diederich -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq