Active Directory coexist with Unix DNS and no sub domains
Posted on 2010-09-01
Please bare with me on this. If there's anything missing I will try and add it in following on anwers.
Years ago when we installed our first Windows 2000 PDC we needed to continue using our Unix (BIND) DNS server (we have a number of critical unix servers and many non-PC clients on our network). So we set up bind to handle DDNS updates from the clients, and we made it also host the special AD sub-domains (eg _udp.xx,_tcp.xx,_sites.xx,_msdcs.xx, etc).
This seemed to work well. Moving forward a few years and unfortunately we've been having a few issues with DNS stuff of late. One of the main issues being that each DC wants to register itself an A record for domain.com (which means that a external lookup of domain.com shows all our private DCs). There's also some issues with us retrofitting the forest/domain DNS subdomains).
After talking to other folks it was recommended that we let Windows AD manage its own DNS however this presents some unacceptable issues for us as we discovered during a test run.
Currently we have 3x Win2008 DCs and our windows AD domain is company.com and every machine in the company uses a FQDN like user-pc.company.com. We have NO subdomains and do not want any.
When we set up a test domain on ad.company.com (so it could use it's own DNS) it ended up naming all the test clients userid-pc.ad.company.com. For various reasons it is unacceptable that PCs and servers be in a subdomain.
So my first question is, is there a better way of making our Unix DNS and AD DNS coexist such that all our servers and clients can live in the company.com domain ?