Active Directory Clients w/ DDNS

JohnF

Hello,
We are considering using non-Windows DNS servers on our
network. It was suggested that the Dynamic update for DNS
not be enabled on the clients. On the client side if we
uncheck the "register this connection's address in DNS" in
the advanced properties of TCP/IP, will this have a
negative effect in Active Directory if we are not using
Dynamic DNS?
Thanks,

John
 
In JohnF <[email protected]> posted a question
Then Kevin replied below:
: Hello,
: We are considering using non-Windows DNS servers on our
: network. It was suggested that the Dynamic update for DNS
: not be enabled on the clients. On the client side if we
: uncheck the "register this connection's address in DNS" in
: the advanced properties of TCP/IP, will this have a
: negative effect in Active Directory if we are not using
: Dynamic DNS?
: Thanks,
:
: John

If you want to remotely administer your clients it will be a problem. But
it is not a requirement for clients to register in DNS. It is a requirement
for DCs to register in DNS, and if you do not use a DDNS for the DCs you
will have to manually create a lot of records to locate the DC and
especially global catalogs. Every member and client must be able to locate
the Global Catalog or logon will be impossible.
Most everyone here will suggest you keep your AD domain zone on your Win2k
DC; AD Integrated zones are much more secure and you can only have ADI zones
on a DC.
You can, however, use your non-Windows DNS as a forwarder to act as a local
caching DNS for your network. If they are using BIND DNS it can help speed
up resolution for frequently accessed external sites because the default
maximum cache TTL for BIND DNS is seven days where MS DNS Max cache TTL is
one day.
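
Kevin's reply notes that without dynamic updates the records used to locate the DC and the global catalog have to be created by hand. As an added example (not part of the thread), this Python script checks a BIND-style zone fragment for a subset of those SRV records and their ports; the zone `corp.example`, the host `dc1` and the single-domain forest are constructed assumptions.

```python
import re

# Subset of the SRV locator names a DC registers. Assumes one domain that is
# also the forest root; site-specific and GUID-based names are left out.
REQUIRED_SRV = {
    "_ldap._tcp": 389, "_ldap._tcp.dc._msdcs": 389, "_ldap._tcp.pdc._msdcs": 389,
    "_ldap._tcp.gc._msdcs": 3268, "_gc._tcp": 3268,   # global catalog
    "_kerberos._tcp": 88, "_kerberos._udp": 88, "_kerberos._tcp.dc._msdcs": 88,
}
SRV_LINE = re.compile(r"^(?P<owner>\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+"
                      r"\d+\s+\d+\s+(?P<port>\d+)\s+(?P<target>\S+)", re.I)

def parse_srv(zone_text, origin):
    """SRV owner (relative to origin) -> {(port, target)}; owner needed on each line."""
    origin = origin.rstrip(".").lower()
    found = {}
    for line in zone_text.splitlines():
        m = SRV_LINE.match(line.split(";", 1)[0].strip())  # drop comments
        if not m:
            continue
        owner = m["owner"].lower()
        if owner.endswith("."):                 # absolute name: make relative
            owner = owner.rstrip(".")
            if owner.endswith("." + origin):
                owner = owner[: -len(origin) - 1]
        found.setdefault(owner, set()).add((int(m["port"]), m["target"].lower()))
    return found

def audit(zone_text, origin):
    """Return (names with no SRV record, names present only on a wrong port)."""
    found = parse_srv(zone_text, origin)
    missing = sorted(n for n in REQUIRED_SRV if n not in found)
    wrong = sorted(n for n, port in REQUIRED_SRV.items()
                   if n in found and all(p != port for p, _ in found[n]))
    return missing, wrong

# Constructed zone fragment: the GC record under _msdcs is absent and _gc._tcp
# points at the LDAP port instead of 3268.
SAMPLE_ZONE = """\
_ldap._tcp             600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.dc._msdcs   600 IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.pdc._msdcs  600 IN SRV 0 100 389 dc1.corp.example.
_kerberos._tcp         600 IN SRV 0 100 88  dc1.corp.example.
_kerberos._udp         600 IN SRV 0 100 88  dc1.corp.example.
_kerberos._tcp.dc._msdcs.corp.example. 600 IN SRV 0 100 88 dc1.corp.example.
_gc._tcp               600 IN SRV 0 100 389 dc1.corp.example.  ; wrong port
"""
if __name__ == "__main__":
    print(audit(SAMPLE_ZONE, "corp.example."))
```

The full set of names a given DC expects, including the site-specific and GUID-based ones, is written to its `netlogon.dns` file.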
 
To add to what Kevin said: Don't do it without Dynamic DNS.

While technically possible, it is practically unworkable.

Clients include DCs and these (for all practical purposes) MUST register
dynamically with DNS for many reasons beyond initial setup (moving DCs,
site definitions, GCs etc.)

So, yes, you can register all WORKSTATION "clients" manually but you
don't want to register DC CLIENTS that way.

Use Microsoft DNS if at all possible -- it is actually better for an internal
Microsoft based network. (Really -- I use BIND for other purposes sometimes
and am quite willing to tell you when Non-MS is better or when MS is
better.)
 