I hate to bring up the subject on a Linux-centered article, but does this dynamic DNS server work well with Windows and Active Directory? For example, a network that has historically been Windows-only (desktops/notebooks, file/print servers, Active Directory, Exchange), but now also has a few Macs, a Linux server, and various brands printers and other network devices.
A few years ago I moved our DNS/DHCP services from Windows 2000 to 2003, and at the time I seriously considered moving it to Linux. I ended up sticking with Windows because it supported dynamic DNS with the Windows clients, and there were some odd entries in there for AD that I didn't fully understand. But whenever issues arise I start wondering how easy it would be to move it to Linux .
There must be MANY users out there who would love to switch at least a few basic services over to Linux, but are concerned about Windows compatibility. We don't want to go all-Windows, and can't go all-Linux, so we look for ways they can work together.
Discussion on:
View:
Show:
Actually, one of the main reasons for me digging into this and doing it was precisely for that reason. A client merged with another company (who was all-Windows, using AD), and his server was Linux and used to serve DNS and DHCP amongst other things. So we kept their exchange server and AD running, disabled DNS and DHCP on the Win2k3 box, and used a box running CentOS 5, and this setup, and it works great.
You have to dumb it down a bit, unfortunately, as the Windows clients want to talk to the DNS server directly to provide their IP address info and whatnot, so you have to reduce the ACLs to allow updates from the local network (instead of just using the key), but if you don't mind doing that, it works really quite well. (It will work without it, but you'll get a lot of errors in your bind logs about clients wanting to update info and bind denying them, and there were enough systems (and all wired, no wireless), that we decided to loosen the restrictions a bit to accommodate those idiot Windows XP/Vista computers).
You have to dumb it down a bit, unfortunately, as the Windows clients want to talk to the DNS server directly to provide their IP address info and whatnot, so you have to reduce the ACLs to allow updates from the local network (instead of just using the key), but if you don't mind doing that, it works really quite well. (It will work without it, but you'll get a lot of errors in your bind logs about clients wanting to update info and bind denying them, and there were enough systems (and all wired, no wireless), that we decided to loosen the restrictions a bit to accommodate those idiot Windows XP/Vista computers).
Thanks for the info on Windows clients. Sounds like it wouldn't be too much of a problem for us.
Do you have any suggestions on making it work with AD? On my Windows DNS server there are four sub-folders under the Forward Lookup Zone, with names like _msdcs and _domains. Each of those has a number of sub-folders, and some of the names are GUIDs. Can those entries just be copied over to Linux as-is? In what situations do they need to be updated (or does the AD server add/update those entries automatically)? Thanks for any info.
Do you have any suggestions on making it work with AD? On my Windows DNS server there are four sub-folders under the Forward Lookup Zone, with names like _msdcs and _domains. Each of those has a number of sub-folders, and some of the names are GUIDs. Can those entries just be copied over to Linux as-is? In what situations do they need to be updated (or does the AD server add/update those entries automatically)? Thanks for any info.
Sorry, I don't know. All I pretty much did in that situation was turn off DHCP and DNS on the AD box and didn't touch anything else. It was all dynamic DNS so I really didn't think I needed to look anywhere further for that. I don't think you should have to pay any attention to it though, but that's just a guess.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
