It *should* be fine. A catch-all will only be mapped for non-existent records, so if the record exists in DNS, the lookup for that record will resolve to the right resource.

Now, I qualify "should" because there are some interesting behaviors you will see when using DNS wildcards. One of them is the crazy "dot terminated" behavior. If you use wildcards, now all your lookups for records in THAT zone will either now have to be done without appending the zone name, or, if you append the zone name, must have "." appended at the end.

This leaves you in a somewhat unsteady state. Say, for example, you have an app looking for an SRV record of, say, "_ldap._tcp.dc._msdcs.internaldomain.com", unless the app looks for either "_ldap._tcp.dc._msdcs" or "_ldap._tcp.dc._msdcs.internaldomain.com.", that lookup will ALWAYS resolve to the IP address you've wildcarded your records to, and not to your DCs as expected.

This behavior affects any record, I just used SRV records as an example. A lookup for, say, "yahoo.com" will resolve to the IP you've wildcarded because the lookup will be resolved as "yahoo.com.internaldomain.com" because of the missing "trailing dot".

So, as you can see, the problem with wildcarding is not so much with whether the zone is an internal DNS zone or not. It's more with how your resolutions will function after making the change.

Sincerely,
Deji Akomolafe, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon

________________________________

From: [EMAIL PROTECTED] on behalf of Mike Newell
Sent: Fri 5/27/2005 9:16 AM
To: [email protected]
Subject: [ActiveDir] Catch all DNS record

Hey,

My company has recently purchased the same domain that our internal domain is named so I'm having to set up DNS to manage both. Not a big deal but I'm being asked to add a DNS record *.internaldomain.com that will point to a public web server and I'm not sure if this will negatively affect AD. Will a catch all DNS entry affect the way the directory functions now that something that wouldn't necessarily resolve to an IP will resolve once I set this up?

Any advice is appreciated.

Thanks again,
Mike.

List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
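
An added example, not part of the original thread: a small Python model of how a catch-all record interacts with suffix appending and the trailing dot discussed above. It assumes RFC 4592 wildcard matching and a resolv.conf-style search list with an `ndots` threshold (not the Windows DNS client specifically); the records, addresses and function names are constructed for illustration.

```python
"""Model: wildcard synthesis (RFC 4592) plus resolv.conf-style search/ndots expansion."""
ZONE = "internaldomain.com"
# Constructed sample data; addresses are documentation ranges, not real hosts.
RECORDS = {
    ("_ldap._tcp.dc._msdcs.internaldomain.com", "SRV"): "dc1.internaldomain.com:389",
    ("dc1.internaldomain.com", "A"): "10.0.0.10",
    ("*.internaldomain.com", "A"): "203.0.113.80",   # the catch-all
}
PUBLIC = {("yahoo.com", "A"): "198.51.100.7"}         # stand-in for the public DNS


def _exists(name):
    """True if name owns records or is an empty non-terminal above one."""
    return any(o == name or o.endswith("." + name) for o, _ in RECORDS)


def zone_lookup(fqdn, rtype):
    """Answer from the internal zone; None means NXDOMAIN, NODATA or out of zone."""
    fqdn = fqdn.lower()
    if fqdn != ZONE and not fqdn.endswith("." + ZONE):
        return None
    if _exists(fqdn):                      # existing names are never wildcarded
        return RECORDS.get((fqdn, rtype))
    labels = fqdn.split(".")
    for i in range(1, len(labels)):        # walk up to the closest encloser
        encloser = ".".join(labels[i:])
        if _exists(encloser):
            return RECORDS.get(("*." + encloser, rtype))
    return None


def candidates(name, search=(ZONE,), ndots=1):
    """Names a stub resolver tries, in order."""
    if name.endswith("."):
        return [name[:-1]]                 # trailing dot: absolute, no suffix
    suffixed = [f"{name}.{s}" for s in search]
    return [name] + suffixed if name.count(".") >= ndots else suffixed + [name]


def resolve(name, rtype="A", **opts):
    """Return (name that answered, data) or (None, None)."""
    for cand in candidates(name, **opts):
        data = zone_lookup(cand, rtype) or PUBLIC.get((cand, rtype))
        if data:
            return cand, data
    return None, None


if __name__ == "__main__":
    for q, n in [("yahoo.com", 1), ("yahoo.com", 5), ("yahoo.com.", 5), ("typo", 1)]:
        print(f"{q!r} ndots={n} ->", resolve(q, ndots=n))
```

Running it shows which form of a query is answered by the catch-all under each suffix-appending order, which is the thing to check on real clients before adding the wildcard.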
