Heuristics for finding a Win2K domain controller ...

Andrew Morgan morgan at orst.edu
Mon May 6 08:45:02 GMT 2002


On Mon, 6 May 2002, Steve Langasek wrote:

> On Mon, May 06, 2002 at 07:55:17AM +0200, Norbert Püschel wrote:
> > Steve Langasek wrote:
>
> > > On Fri, May 03, 2002 at 07:50:35AM +0200, Norbert Püschel wrote:
>
> > > > WINS is only used for backward compatibility in Win2K. The DCs are
> > > > found via their DNS entries; they have entries of type SRV in
> > > > _msdcs.your.domain, where your.domain is your DNS domain _and_ your
> > > > W2K-domain.
>
> > > > Your DNS must support dynamic DNS for this to work. W2K's DNS-server
> > > > does this, as does BIND 8/9.
>
> > > Is dynamic DNS support absolutely /necessary/?  I.e., will a W2K DC fail
>
> > Yes.
>
> > There is no way you can avoid DDNS if you want to use AD. None.
> > W2K-Clients use DNS to find their servers. (You could make static DNS
> > entries, but this would not be very admin-friendly...)
>
> When it comes to Windows admins, *I'm* not very admin-friendly, either.
> I was specifically asking whether this could be done with static DNS
> entries; I'm glad to hear the answer is yes.
>
> Steve Langasek
> postmodern programmer

Just an additional note about this.  Here at OSU, we run bind for our main
campus servers, and we do not allow dynamic updates.  However, in third
level domains which are using AD, we have delegated the "special"
sub-domains to a Windows 2000 DNS server.

For example, we have the third level domain "tss.oregonstate.edu".  All
regular A and PTR records are handled by the bind server, such as
"server1.tss.oregonstate.edu".  The sub-domains that AD requires, such as
_tcp.tss.oregonstate.edu, _udp.tss.oregonstate.edu, etc., are delegated to a
Windows 2000 DNS server.

So for a third-level domain to be AD capable, there is some one-time setup
required by the DNS administrator.  Also, we set a registry key on the
domain controller in the new AD domain so that they do not try to do a
dynamic registration of the A record.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters

From there, add the (DWORD) RegisterDNSARecords; the value should be 0x0

	Andy
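
An added example, not part of the original message or of any OSU or Samba tooling: a small Python audit of a BIND zone laid out as described above. It reports which AD subdomains still lack an NS delegation and which static records sit at or below a delegated name, where the BIND server no longer answers for them authoritatively. The zone contents, the host name win2kdns, the 192.0.2.x addresses and the inclusion of _sites in the list are assumptions made for the example.

```python
# Subdomains AD registers SRV records under. _tcp and _udp are named in the
# post and _msdcs in the quoted text; _sites is added here from general AD
# behaviour, not from the post.
AD_SUBDOMAINS = ("_msdcs", "_sites", "_tcp", "_udp")
# Constructed zone data; win2kdns and the 192.0.2.x addresses are hypothetical.
SAMPLE_ZONE = """\
$ORIGIN tss.oregonstate.edu.
$TTL 3600
server1     IN A   192.0.2.20
win2kdns    IN A   192.0.2.10
_msdcs      IN NS  win2kdns
_tcp        IN NS  win2kdns
_udp.tss.oregonstate.edu.  3600 IN NS  win2kdns
_ldap._tcp  IN SRV 0 100 389 server1   ; static leftover below the cut
"""

def relative(owner, origin):
    """Lower-case an owner name and make it relative to the zone origin."""
    owner = owner.lower()
    if owner.endswith("."):
        owner = owner[:-1]
        if owner.endswith("." + origin):
            owner = owner[: -len(origin) - 1]
    return owner

def audit_zone(zone_text):
    """Return (AD subdomains with no NS delegation, owners below a delegation)."""
    origin, owner, delegated, others = "", "", set(), []
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()
        if not fields or fields[0].startswith("$"):
            if fields and fields[0].upper() == "$ORIGIN":
                origin = fields[1].lower().rstrip(".")
            continue
        if not raw[0].isspace():  # a leading blank reuses the previous owner
            owner = relative(fields.pop(0), origin)
        # Record type is the first field that is neither a TTL nor the class.
        rtype = next((f.upper() for f in fields
                      if not f.isdigit() and f.upper() != "IN"), "")
        if rtype == "NS" and owner in AD_SUBDOMAINS:
            delegated.add(owner)
        elif rtype != "NS":
            others.append(owner)
    missing = [s for s in AD_SUBDOMAINS if s not in delegated]
    hidden = [o for o in others
              if any(o == d or o.endswith("." + d) for d in delegated)]
    return missing, hidden

if __name__ == "__main__":
    print(audit_zone(SAMPLE_ZONE))
```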




