In article <mailman.86.1365490964.20661.bind-us...@lists.isc.org>, Phil Mayers <p.may...@imperial.ac.uk> wrote:
> On 04/08/2013 06:59 PM, Novosielski, Ryan wrote: > > > Someone can correct me if I'm wrong, but I think they'd be right if > > and only if the webserver they're adding the A record for happens to > > also be the AD server. > > In principle that's correct. > > In practice, running a publicly accessible webserver on your AD > controllers is a bad move IMO. The security implications are gruesome. > > I think I almost dislike the idea so much that I'd suggest split DNS > before this. And given how much I dislike split DNS, that's saying > something. > > But hey, to each their own. In our case it would be impossible for the University's public web presence and the AD domain controllers to be the same machines. It is conceivable that we could do some magic in load balancers to divide traffic appropriately, but I'd rather not do that if I don't have to. Sam -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users