Solved

Configuring BIND 9 to support Active Directory

Posted on 2008-10-21
1
1,119 Views
Last Modified: 2012-05-05
In our environment there are two domains namely "a.com" & "b.com", both have tree root trust relationship established. there are about 8 domain controllers in total (a.com =2, b.com =6).

All the domain controllers are DNS servers and active directory is integrated into DNS.

Our primary DNS servers are BIND 9 - Linux DNS servers (ie in our client machines the linux dns server is set as the default DNS server)

Should the Service Locator Records be configured as given in this URL  ? http://www.microsoft.com/technet/archive/interopmigration/linux/mvc/cfgbind.mspx?mfr=true

or is it enough if we configure Forwarding like shown below

zone "a.com" {
        type forward;
        forwarders { Address-List; };
};

0
Comment
Question by:kumarnirmal
1 Comment
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 22774482

I would go with the forwarders personally. Dynamic Updates will follow those and it allows you to maintain the fault-tolerance of multiple Windows DNS servers, with AD Integrated zones each is Primary.

Chris
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question