Why is Linux DNS for Active Directory a bad idea?
I've never used Linux to serve as DNS for everything in a Windows environment including Active Directory.
My understanding is that the built-in DNS server roles on Domain Controllers are more automated in terms of record updating, replication, and location of Windows servers.
Since my boss wants to entertain the idea of moving to Linux for DNS, and I've no knowledge of Linux really, what are some reasons not to do it? I'm sure he wouldn't take it lightly but I really don't know how to communicate why my gut feeling on this is that it'd be a bad idea...
My understanding is that the built-in DNS server roles on Domain Controllers are more automated in terms of record updating, replication, and location of Windows servers.
Since my boss wants to entertain the idea of moving to Linux for DNS, and I've no knowledge of Linux really, what are some reasons not to do it? I'm sure he wouldn't take it lightly but I really don't know how to communicate why my gut feeling on this is that it'd be a bad idea...
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
On Windows everything is integrated with AD/DNS and DHCP and everything gets updated automatically. On Linux you usually have to do everything manually which makes things more complicated and work intensive.
But there is an exception. Zentyal Server can be used as a drop in replacement of an m$ AD server, along with DNS etc, and there things are also automatic and it is very easy to setup and administer, in most situations it is much easier than Windows. But I have only used it together with other Zentyal servers, and not within an existing Windows AD domain, so I don't know how it works when you integrate it with an existing Windows domain and only use it for DNS.
http://zentyal.org
But there is an exception. Zentyal Server can be used as a drop in replacement of an m$ AD server, along with DNS etc, and there things are also automatic and it is very easy to setup and administer, in most situations it is much easier than Windows. But I have only used it together with other Zentyal servers, and not within an existing Windows AD domain, so I don't know how it works when you integrate it with an existing Windows domain and only use it for DNS.
http://zentyal.org
As I mentioned if you use Zentyal server it is automatic as long as your other DC's are also Zentyal, or if you add m$ DC's later. But I haven't set it up just as a DNS server and also not into an existing m$ domain.
Your boss and/or you need to analyze the advantages of running DNS for AD on another machine. Presumably, there is a reason your thinking about this. If you have a DC, DNS is a requirement and it's almost always installed on the same machine as the DC. So, given that, you don't need any more Windows licenses. Taking away a key function from Windows that AD requires and that 999 of 1000 (or more) environments have configured this way unnecessarily complicates your network (unless you have a really good reason) What do you get by moving DNS off of Windows?
Hopefully that helps you both to properly evaluate why you want to do this.
BUT, that said, DNS does NOT need to be run from Windows. Pure and simple. There SHOULD be no problem running it off other platforms. PROVIDED the DNS server used supports dynamic updates as defined in RFC 2136.
Hopefully that helps you both to properly evaluate why you want to do this.
BUT, that said, DNS does NOT need to be run from Windows. Pure and simple. There SHOULD be no problem running it off other platforms. PROVIDED the DNS server used supports dynamic updates as defined in RFC 2136.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial