Mike B. said:
Let me re-phrase this.
The current network is an NT 4.0 with 4 separate trusted domains.
Use Wins and a Unix DNS. Plan is to make one 2k3 forest and upgrade
the NT 4.0 domains to 2k3 and add them to the new forest. Our forest
root name is the same as the zone in the Unix DNS. The UNIX DNS
needs to stay due to some application issues I have been told. I
can't forward from a 2k3 DNS to that domain because it already
exists within Windows DNS. I have read about making a Windows DNS a
secondary DNS to the Unix DNS and then do a zone transfer. Using the
DNS promote and create a new forest with the same zone. Then make the
zone the primary and the Unix the secondary.
Does this make some sense?
Thanks,
Mike B.
If you like to use your Bind server, not a problem. But if I may ask, what
sort of zones are on it? Is external data being hosted for public data
(public IPs)? Curious about the application issues, what are they? Using
Bind can be an additional administrative overhead with AD, but it can be
done.
Bind 8.2.3 or newer is recommended for AD. However, the sad part is that
security isn't compatible and you will lose all the security and replication
enhancements by not using a Windows 2003 DNS, but then this depends on the size
of your infrastructure. The main requirements are that Bind can handle SRV
support and allow dynamic updates.
There are a number of ways, depending on your current topology,
infrastructure and what's being hosted on the Bind server, that you can use
Bind. Honestly, the easiest way to set up your new W2k3 system (upgrading
it), is to initially use the W2k3 DNS.
In your case, to make this happen, you can install DNS on the NT4 box,
configure a secondary zone of the current zone on the Bind box, then on NT4,
change it to a Primary, then change the Bind server zone to a Secondary,
then run the W2k3 upgrade, and let the upgrade and promotion process handle
DNS automatically. It's a lot easier than messing around with the zone data,
etc, on Bind. If you want to change it back later, you can do so, but just
remember updates need to be set. You can continue to point NT4 to itself if
you like, the registration requests will ferret the MNAME (Master name) of
the primary zone from the secondary zone and registration will be sent to
it, and your W2k3 DNS will transfer the updated info.
For your reading pleasure...
255913 - Integrating Windows 2000 DNS into an Existing BIND or Windows NT
4.0-Based DNS Namespace:
http://support.microsoft.com/default.aspx?scid=kb;en-us;255913
BIND Your Windows 2000 DNS - from MCP Mag:
http://www.mcpmag.com/features/article.asp?EditorialsID=273
Zone Transfers from BIND Version 9.x DNS Servers Do Not Work (302639):
http://support.microsoft.com/support/kb/articles/302/6/39.ASP
Configuring Berkeley Internet Name Domain (BIND) to Support AD [Linux to
Windows Migration]:
http://www.microsoft.com/technet/itsolutions/migration/linux/mvc/cfgbind.mspx
And for your viewing pleasure...
Support WebCast Microsoft Windows 2000 DNS and UNIX BIND DNS
Interoperability:
http://support.microsoft.com/default.aspx?scid=/servicedesks/webcasts/wc022602/wcblurb022602.asp
--
Regards,
Ace
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.
This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
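
An added example, not part of the original posts: a small check that can be run over a copy of the zone after the primary/secondary swap to see which server the SOA MNAME names (where dynamic registrations will be sent) and which AD SRV records are still absent. The zone data, the `corp.example` names and the one-record-per-line layout are constructed assumptions, and the SRV list is only a subset of what a domain controller registers.

```python
# Added example: constructed zone data, not taken from the thread.
# Assumes one record per line in the form: owner ttl IN type rdata...
SAMPLE_ZONE = """\
$ORIGIN corp.example.
@ 3600 IN SOA ns1.corp.example. hostmaster.corp.example. 2004010101 900 600 86400 3600
@ 3600 IN NS ns1.corp.example.
ns1 3600 IN A 192.0.2.10   ; constructed address
dc1 3600 IN A 192.0.2.20   ; constructed address
_ldap._tcp 600 IN SRV 0 100 389 dc1.corp.example.
_kerberos._tcp 600 IN SRV 0 100 88 dc1.corp.example.
_ldap._tcp.dc._msdcs 600 IN SRV 0 100 389 dc1.corp.example.
"""

# Subset of the SRV owner names a domain controller registers,
# relative to the AD domain name.
REQUIRED_SRV = ("_ldap._tcp", "_kerberos._tcp", "_ldap._tcp.dc._msdcs",
                "_kerberos._tcp.dc._msdcs", "_ldap._tcp.pdc._msdcs")

def fqdn(name, origin):
    """Expand '@' and relative names against $ORIGIN (lowercase, no trailing dot)."""
    name = name.lower()
    if name == "@":
        return origin
    if name.endswith("."):
        return name[:-1]
    return f"{name}.{origin}"

def parse_zone(text):
    """Return (origin, [(owner, type, rdata_fields), ...]) for the simple layout above."""
    origin, records = "", []
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, split on whitespace
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower().rstrip(".")
            continue
        owner, _ttl, _cls, rtype, *rdata = fields
        records.append((fqdn(owner, origin), rtype.upper(), rdata))
    return origin, records

def audit_zone(text):
    """Report the SOA MNAME and any required SRV owner names missing from the zone."""
    origin, records = parse_zone(text)
    soa = next(r for r in records if r[1] == "SOA")
    have_srv = {owner for owner, rtype, _ in records if rtype == "SRV"}
    missing = [f"{n}.{origin}" for n in REQUIRED_SRV if f"{n}.{origin}" not in have_srv]
    return {"zone": origin, "mname": fqdn(soa[2][0], origin), "missing_srv": missing}

if __name__ == "__main__":
    print(audit_zone(SAMPLE_ZONE))
```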