Sorry, probably should have dug up the link before sending my other
response. :-)


> -----Original Message-----
> [mailto:[EMAIL PROTECTED] On Behalf Of 
> Charlie Kaiser
> Sent: Thursday, October 26, 2006 4:32 PM
> To:
> Subject: [ActiveDir] DNS setup questions
> OK; my Google-fu isn't working well today, and it's been a 
> while since I had to do any advanced DNS work. Too much BPM 
> work, not enough AD admin lately...
> Here's the scenario:
> Our domain: W2K3 functional level single-domain forest using 
> AD-integrated DNS, secure updates only Partner domain: W2K3 
> functional level single-domain forest using BIND DNS.
> We are planning to establish a trust between the domains. We 
> need to set up DNS so that both domains can resolve at 
> minimum SRV records to keep the trust working and allow 
> member enumeration for selective auth setup. 
> IIRC, we need to create secondary zones in each domain 
> pointing to the other domain, and on the W2K3 side, add the 
> BIND servers to the nameservers tab, right? Anything else I 
> need to do on the W2K3 DNS side? I really think I'm missing 
> something here, but I can't find any information with the 
> answers I need...
> Also, if I allow zone transfers to the other domain's DNS IP 
> addresses, what's to prevent them from setting up something 
> other than a secondary server? I know AD integrated won't 
> allow another AD integrated DNS server outside the current 
> domain, but I just want to make sure I don't leave anything 
> insecure...
> Thanks...
> **********************
> Charlie Kaiser
> W2K3 MCSA/MCSE/Security, CCNA
> Systems Engineer
> Essex Credit / Brickwalk
> 510 595 5083
> ********************** 

List info   :
List FAQ    :
List archive:

Reply via email to