Windows 2000 DNS and BIND question...

Guest

Hi all,

I have a DNS query that I can't get my head round, and can only assume that
something has to be done manually. Here goes...
If I was using BIND as my DNS and the flavour of BIND was pre 4.9.7 (does
not support SRV records) how do I get it (BIND) to understand Active
Directory?
I've read that you can change a configuration within the BIND so when it
receives a request for AD it forwards it to an AD-aware DNS server which could
be in an AD domain. For instance if "test.com" was my BIND DNS it would
forward AD requests to an "AD.test.com". My question in a nutshell is how
does the pre 4.9.7 understand that it's an AD query when it doesn't
understand the AD in the first place? Does it come down to a Zone thing or
something?

Your help as always is much appreciated, and Happy New Year.

Cheers


Greg
 
Greg said:
Hi all,

I have a DNS query that I can't get my head round, and can only assume that
something has to be done manually. Here goes.
If I was using BIND as my DNS and the flavour of BIND was pre 4.9.7 (does
not support SRV records) how do I get it (BIND) to understand Active
Directory?

You don't -- not as the server holding the zone which
supports AD.

DNS support for AD requires those records so neither
BIND pre-4.9.7 nor NT 4 without service packs can
be used as secondaries (much less primaries).

I've read that you can change a configuration within the BIND so when it
receives a request for AD it forwards it to an AD-aware DNS server which could
be in an AD domain.

Well, sure, but that is just saying that if one DNS server
doesn't hold a zone itself it may forward, recurse, or
delegate (to child zones) to other servers to find the answer.

For instance if "test.com" was my BIND DNS it would
forward AD requests to an "AD.test.com"

That would require "delegation" which is somewhat different
than forwarding (both are technical terms used for different
things) in DNS.

This implies that your AD domain would (actually) be named:

ad.test.com NOT just test.com.

It would be a child zone of "test.com" and whatever (BIND)
servers which are responsible for test.com would set up the
delegation records (aka: glue records).

my question in a nutshell is how
does the pre 4.9.7 understand that it's an AD query when it doesn't
understand the AD in the first place?

It doesn't -- it just knows that it (must have) delegated
that child zone to some other server which (hopefully)
can resolve the requests and support AD.

Does it come down to a Zone thing or
something?

Yes.

Your help as always is much appreciated, and Happy New Year.

You too.
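
The delegation described in the reply above, as an added example that is not part of the original thread: the parent zone test.com on the old BIND server carries only NS and glue A records for ad.test.com, with no SRV records of its own, and the script checks that every name server inside the child zone has glue. The host names (ns1, dc1, dc2), the 192.0.2.x addresses and the function names are assumptions made for illustration.

```python
# Added example: verify that a parent zone delegates a child zone properly.
# Minimal parser: one record per line, "owner [IN] TYPE rdata", no TTL column.

# Constructed sample of the parent zone (test.com). Host names and the
# 192.0.2.0/24 documentation addresses are assumptions, not from the thread.
PARENT_ZONE = """\
$ORIGIN test.com.
@       IN SOA ns1.test.com. hostmaster.test.com. 1 3600 600 86400 3600
@       IN NS  ns1.test.com.
ns1     IN A   192.0.2.1
ad      IN NS  dc1.ad.test.com.
ad      IN NS  dc2.ad.test.com.
dc1.ad  IN A   192.0.2.10
"""


def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    name = name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text):
    """Return (owner, type, rdata) tuples with names fully qualified."""
    origin, records = "", []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
            continue
        rest = [f for f in fields[1:] if f.upper() != "IN"]
        rtype, rdata = rest[0].upper(), rest[1:]
        if rtype == "NS":
            rdata = [fqdn(rdata[0], origin)]
        records.append((fqdn(fields[0], origin), rtype, rdata))
    return records


def check_delegation(zone_text, child):
    """Report the child's NS set and any in-zone name server lacking glue."""
    records = parse_zone(zone_text)
    child = child.lower()
    ns = [r[2][0] for r in records if r[0] == child and r[1] == "NS"]
    has_a = {r[0] for r in records if r[1] == "A"}
    missing = [n for n in ns if n.endswith("." + child) and n not in has_a]
    srv = [r[0] for r in records if r[1] == "SRV"]
    return {"ns": ns, "missing_glue": missing, "srv_in_parent": srv}
```

On the constructed sample, `check_delegation(PARENT_ZONE, "ad.test.com.")` reports dc2 as a name server without glue, which is the kind of gap that leaves a delegated AD zone only partly reachable from the parent.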
 