In article <mailman.79.1365435117.20661.bind-us...@lists.isc.org>, "Barry S. Finkel" <bsfin...@att.net> wrote:
> On 4/8/2013 9:10 AM, bind-users-requ...@lists.isc.org wrote: > > In article <mailman.59.1365230565.20661.bind-us...@lists.isc.org>, Phil > > Mayers <p.may...@imperial.ac.uk> wrote: > >> >Sam Wilson<sam.wil...@ed.ac.uk> wrote: > >> > > >>> > >[adding an A record for ed.ac.uk.] > >>> > > > >> > > >> >If your AD realm is also called ed.ac.uk then adding an A record will > >> >definitely affect things. > > Which is exactly the opposite of what our AD guys said, but not with > > such great conviction.:-) > > > > Sam > > AD clients, if they do not know about SRV records for finding the > LDAP servers, will use the "A" records for the AD domain to locate > the Domain Controllers. ... Can you identify any such clients? Phil Mayers has already mentioned non-MS DFS clients and other things (MS?) which might try SMB and WebDAV to an A record at the AD domain name. Are there others? > ... Where I used to work we did not segregate > AD, so internally, > > example.com > > pointed to the Domain Controllers. Externally, > > example.com > > had no IP address because the DCs were not accessible from the > external Internet. When we had the DC addresses externally, then > AD clients would see the addresses, try to authenticate to the AD, > experience timeouts, and get frustrated. Without an external > address, AD clients do not try to access the DCs. The drawback > is that we can not have > > example.com > > externally have the same address as > > www.example.com > > to aid browser users. Which is exactly where I came in - the people who manage our corporate image feel that this is unacceptable and reflects badly on the University. Sam -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
