Bitter experience? Perhaps not bitter, but having seen (and tried) many attempts to integrate Active Directory with BIND, I would say that is not the way you want to go if you want a stable environment. It's not that it can't be done, it's that it's not a good idea in most situations I've seen where you try to directly integrate Active Directory into existing BIND zones. Better to delegate a zone to Active Directory and work on ways to modify the UPN alias'.
Al -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Mackenzie Sent: Thursday, June 10, 2004 5:42 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Debate over 'split horizon' DNS Folks, I'm looking for input to a debate we're having over whether or not to root our campus Active Directory at gla.ac.uk (which is our public internet persona) or at some other point such as ad.gla.ac.uk (which creates a pseudo department in local terms) or gla.ac.uk.local. The public DNS will stay with Bind (for ever!). The merit of paralleling our long established DNS structure is that everyone is familiar with it and the 'names' that come out automatically such as [EMAIL PROTECTED] are immediately known by the customers. There is no need to grapple (and many do) with ugly oddities that a different root produces. But there may be, down the track hard reasons not to do this. Anyone with bitter experience either way? Regards, Roger Mackenzie (Glasgow University, Scotland for the record) List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
