Re: Moving DNS services from Linux servers to Active Directory Domain Controllers




In news:6f47puF9jtkoU1@xxxxxxxxxxxxxxxxxx,
Spin <Spin@xxxxxxxxxxx> typed:
Gurus,

In my company I want to move the DNS services from the current Linux
servers to our two Active Directory Domain Controllers. I am getting
political push-back by the Linux guys running these machines. I am
looking for arguments on why it is better to re-locate DNS services
on Windows Active Directory instead of Linux but don't know how to
present them.

Using AD Integrated zones, SECURITY for one. DNS registration, if set to
Secure Only, will only register Windows machines that are part of the domain
by using Kerberos authentication. Linux can't do that. Sure BIND has TSIGs
for security, but that is not a protocol Windows recognizes.

Also, create the AD Integrated zone on one DC and it will replicate to ALL
DCs with AD replication. Easier to manage.

It also works hand-in-hand with DHCP and DNS registration. Linux can't do
that.

From past experience, for the most part, using Linux and BIND for AD DNS is
usually a political and job security ploy, and a lack of understanding of
Microsoft DNS and how AD works, including Microsoft DHCP. If they don't want
to move from it, use something else that at least supports these Microsoft
services and Kerberos, such as MetaIP.

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Infinite Diversities in Infinite Combinations
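
An added example, not part of the original post: a PowerShell audit of the two zone settings the reply relies on (AD integration and Secure Only dynamic updates). It assumes the DnsServer module that ships with Windows Server 2012 and later; the server name is a placeholder.

```powershell
# Added example: report which primary zones on a DNS server are AD-integrated
# and which ones accept unauthenticated dynamic updates.
param(
    # Assumption: placeholder name, replace with one of your domain controllers.
    [string]$Server = 'dc01.example.test'
)

Import-Module DnsServer -ErrorAction Stop

# Only primary zones take dynamic updates; skip the auto-created 0/127/255 zones.
$zones = Get-DnsServerZone -ComputerName $Server |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }

$report = foreach ($z in $zones) {
    $finding =
        if (-not $z.IsDsIntegrated) {
            # File-backed zones cannot be set to Secure Only and do not
            # replicate through AD replication.
            'Not AD-integrated: Secure Only unavailable'
        }
        elseif ($z.DynamicUpdate -eq 'NonsecureAndSecure') {
            'Accepts unauthenticated dynamic updates'
        }
        elseif ($z.DynamicUpdate -eq 'None') {
            'Dynamic updates disabled'
        }
        else {
            'OK: Secure Only'
        }

    [pscustomobject]@{
        Zone             = $z.ZoneName
        ADIntegrated     = $z.IsDsIntegrated
        ReplicationScope = $z.ReplicationScope
        DynamicUpdate    = $z.DynamicUpdate
        Finding          = $finding
    }
}

$report | Sort-Object Finding, Zone | Format-Table -AutoSize

# To tighten an AD-integrated zone after reviewing the report (zone name is a placeholder):
# Set-DnsServerPrimaryZone -ComputerName $Server -Name 'corp.example.test' -DynamicUpdate Secure
```

Run it against each DC that hosts DNS; a zone that reports `NonsecureAndSecure` will take registrations from hosts that never authenticated with Kerberos.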




