Hash: SHA1

On 04/05/2013 04:12 PM, Dave Warren wrote:
> On 2013-04-05 12:18, Sam Wilson wrote:
>> We're currently prevaricating over putting in an A record for
>> ed.ac.uk. Whilst my colleagues who manage active directory assure
>> me that having an A record there - pointing at the
>> content-managed web server that has difficulty handling arbitrary
>> URLs - won't break anything I'm not going to try it except under
>> very controlled conditions and after I've spoken to a lot of
>> other people who do it already.
> Is ed.ac.uk your Active Directory root as well? If so, my
> experience is that pointing it at anything but domain controllers
> will eventually lead you to issues.
> It's not to say that this totally forbidden, but there is (was?) 
> Microsoft best practices documents suggesting avoiding this 
> configuration entirely when possible, although there were ways to 
> mitigate most of the negative side effects.
> Obviously if you can run a split DNS environment this is less of a
> factor.

It is funny you should mention that... my questions about using views
to create a situation where one single record is different happens to
be exactly for this reason. The Active Directory administrators were
saying that not having umdnj.edu point to an Active Directory server
was bothering the AD servers in some fashion. The solution we're going
to test is telling the AD servers that umdnj.edu are them, but telling
everyone else on the planet that it's www. We think this will do it,
but haven't tested yet.

- -- 
- ---- _  _ _  _ ___  _  _  _
|Y#| |  | |\/| |  \ |\ |  | |Ryan Novosielski - Sr. Systems Programmer
|$&| |__| |  | |__/ | \| _| |novos...@umdnj.edu - 973/972.0922 (2-0922)
\__/ Univ. of Med. and Dent.|IST/EI-Academic Svcs. - ADMC 450, Newark
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/


Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list

Reply via email to