In article <mailman.61.1365232319.20661.bind-us...@lists.isc.org>, Doug Barton <do...@dougbarton.us> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 04/05/2013 11:53 PM, Novosielski, Ryan wrote: > > | It is funny you should mention that... my questions about using views > | to create a situation where one single record is different happens to > | be exactly for this reason. The Active Directory administrators were > | saying that not having umdnj.edu point to an Active Directory server > | was bothering the AD servers in some fashion. The solution we're going > | to test is telling the AD servers that umdnj.edu are them, but telling > | everyone else on the planet that it's www. We think this will do it, > | but haven't tested yet. > > Much better to put the AD stuff in its own subdomain, like ad.umdnj.edu. > AD DNS is only really happy when it runs the whole show for its "home" > domain. It's possible to do otherwise, but really painful and fragile. We've been running our main domain with the underscore domains delegated to AD for well over a decade and it's been neither painful nor fragile, at least no more painful than running AD any other way as far as I can tell. We already had a well partitioned and, in some cases, delegated DNS structure before Windows 2000/Active Directory came on the scene, but we needed to have a single AD thingy (forest? domain? I can't remember the correct terminology). Replicating all of that under a new functional domain didn't seem like a sensible option. Sam -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users