William figured it was best to leave it alone without registry tweaks (assuming anyone can read this email, I'm hoping I read that right - William, you likely don't have to worry about it.) Carlos was aiming that concept at people that have overloaded PDCe's and might need to off-load some services. You're not likely one of those folks and should consider leaving it as is.
I recently had an off-line conversation about Active Directory integrated DNS and have been considering filing a bug/dcr or sets of both. In large environments, active directory DNS can become an issue, especially over time. Logging is something that's next to impossible to get from it. The trade-off of course is the stellar replication model that integrated uses. Can be tough to decide which is better: the better replication and living with the ACL's/lack of logging etc. Some areas it fits into well. I'm a fan, but there are trade-offs. On 5/17/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Interesting stuff joe ...... Many of us have used ADI zones for many (well 7+) years now with little or no issue, in various orgs sizes and types. I'd like to hear more about this issue, since IMO, ADI zones offer huge advantages to a typical org over BIND text files. [I won't expand upon these advantages here, since they are well documented.] Have you encountered an isolated issue or a true show stopper which we should all sit up and take note of?? :) With regard to running DNS on a DC - if an existing DNS implementation exists that can support AD, then use it. Otherwise, I see DNS as a VERY minor overhead, compared with the other services that a DC provides and would not hesitate to install DNS on a (or indeed every) DC. my 2 penneth. Thanks, neil ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: 17 May 2006 14:55 To: [email protected] Subject: RE: [ActiveDir] DNS on a DC or NOT To: [email protected] Subject: RE: [ActiveDir] DNS on a DC or NOT If your DNS is integrated, find a big piece of wood to knock on... Or keep it around to bang your head on later. I'll run DNS on DCs if I have to. I will run it integrated if threatened badly enough. I recently ran into a nasty DNS problem in an integrated DNS where DNS would start but wouldn't actually respond to anything. It appears to be related to a possible AD Replication bug I found though. I have to research a little more and see if it was one off or I can duplicate at will. Once I removed the items causing the issue replication worked again and DNS came back to life. But enough about DNS, I don't speak about services that start with D. You have to draw the line somewhere. DFS, DNS, DHCP, Damn SQL Server... You get the drift. ;) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Craig Cerino Sent: Wednesday, May 17, 2006 9:05 AM To: [email protected] Subject: RE: [ActiveDir] DNS on a DC or NOT To: [email protected] Subject: RE: [ActiveDir] DNS on a DC or NOT At the very least it (DNS) should be on ONE of the DCs. I personally do not have an issue with DNS running on all of my DCs - -- which it is. I have heard/read all the arguments for and against. I still have no issue - - (Searching for wood to knock) I've not had an issue/conflict once. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Krenceski, William Sent: Wednesday, May 17, 2006 7:38 AM To: [email protected] Subject: [ActiveDir] DNS on a DC or NOT To: [email protected] Subject: [ActiveDir] DNS on a DC or NOT I was reading Carlos's blog about not running DNS on the PDC emulator. It all makes perfect sense to not have DNS running on it. In my relatively small setup we have @60 servers, 560pc's, on 8 networks (some remote some vlans). I have 2 DC's at my main site with one at each remote site. All DC's are GC and DNS. I always thought that in order for DNS to work as AD integrated you're DNS servers had to be DC's. If that is NOT true my face is red for believing so for so long. William Krenceski Network Administrator [EMAIL PROTECTED] Confidentiality Notice: The information contained in this message may be legally privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any release, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error please notify the author immediately by replying to this message and deleting the original message. Thank you. PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are solely those of the author and do not necessarily represent those of NIplc; (3) is intended for informational purposes only and is not a recommendation, solicitation or offer to buy or sell securities or related financial instruments. NIplc does not provide investment services to private customers. Authorised and regulated by the Financial Services Authority. Registered in England no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand, London, EC1A 4NP. A member of the Nomura group of companies.
