MS DHCP Server and BIND DDNS

28/12/2006, 21h46

Quick question.....

Will a Microsoft DHCP server running on Win2K3 send Dynamic updates to a
BIND DNS server ?

TIA

Geoff

01/01/2007, 04h52

"Geoff" <nigeltufnel123@gmail.com> wrote in message
news:eVehlmsKHHA.4848@TK2MSFTNGP04.phx.gbl...
> Quick question.....
>
> Will a Microsoft DHCP server running on Win2K3 send Dynamic updates to a
> BIND DNS server ?

I haven't tested it but it should, and I can think of no reason
this would not work in general.

You will likely be much better off if you switch to Microsoft
AD DNS with "Secure Updates Only" but this doesn't mean
your setup CANNOT work.

02/01/2007, 21h08

Thanks !

I've done some testing and it does work, provided that the dns suffix of
the machine (not the connection suffix) matches the BIND zone.

Which brings me to another question, is it possible to use option 81
(FQDN) on a MS DHCP server ?

Herb Martin wrote:
> "Geoff" <nigeltufnel123@gmail.com> wrote in message
> news:eVehlmsKHHA.4848@TK2MSFTNGP04.phx.gbl...
>> Quick question.....
>>
>> Will a Microsoft DHCP server running on Win2K3 send Dynamic updates to a
>> BIND DNS server ?
>
> I haven't tested it but it should, and I can think of no reason
> this would not work in general.
>
> You will likely be much better off if you switch to Microsoft
> AD DNS with "Secure Updates Only" but this doesn't mean
> your setup CANNOT work.
>
>

04/01/2007, 16h07

In news:eop8YIrLHHA.420@TK2MSFTNGP06.phx.gbl,
Geoff <nigeltufnel123@gmail.com> stated, which I commented on below:
> Thanks !
>
> I've done some testing and it does work, provided that the dns suffix
> of the machine (not the connection suffix) matches the BIND zone.
>
> Which brings me to another question, is it possible to use option 81
> (FQDN) on a MS DHCP server ?

Option 081 is default on Microsoft DHCP. Matter of fact you can control it
by looking in DHCP properties, DNS tab. It doesn't specifically say 081, but
that is what that tab is for.

btw- BIND does NOT support Microsoft Secure Updates. BIND uses TSIGS
(transaction signatures) to secure communication for DNS traffic, which
Microsof products do not use.

If you want true secure updates and minimal administration, it is easier to
just only use Microsoft DHCP and DNS. The DHCP and DNS APIs are written to
work hand in hand together seemlessly. With BIND, you have to do some extra
steps to make it work but will be limited with functionality, especially not
having the ability to use AD integrated zones, where the zone is actually
stored in the AD database, which will replicate automatically and exists on
all DCs, and is much more secure than BIND's text files. After all, you MUST
be authenticated to AD to be able to view the data. With Microsoft products,
it just works out of the box.

I'm not trying to say you must use this, or you must use that. I am just
saying that it is easier and more secure to use Windows DNS. I think BIND is
a fabulous product, but when it comes to AD, Windows DNS is much more
efficient with a host of extra features and increased security that BIND
cannot offer. I know a friend of mine that swears by BIND and will jump thru
hoops to appropriate and pay for additional servers running Linux just to
use it. He told me he *wants* it because he's been using BIND for over 10
years and won't let go of it. But when he has problems with updates, he gets
flustered and starts emailing me with a host of questions about Microsoft
DNS. :-)

--
Ace
Innovative IT Concepts, Inc (IITCI)
Willow Grove, PA

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only constant in life is change...

28/12/2006, 21h46	#1
Geoff Messages: n/a Hébergeur:	MS DHCP Server and BIND DDNS Quick question..... Will a Microsoft DHCP server running on Win2K3 send Dynamic updates to a BIND DNS server ? TIA Geoff

01/01/2007, 04h52	#2
Herb Martin Messages: n/a Hébergeur:	Re: MS DHCP Server and BIND DDNS "Geoff" <nigeltufnel123@gmail.com> wrote in message news:eVehlmsKHHA.4848@TK2MSFTNGP04.phx.gbl... > Quick question..... > > Will a Microsoft DHCP server running on Win2K3 send Dynamic updates to a > BIND DNS server ? I haven't tested it but it should, and I can think of no reason this would not work in general. You will likely be much better off if you switch to Microsoft AD DNS with "Secure Updates Only" but this doesn't mean your setup CANNOT work.

02/01/2007, 21h08	#3
Geoff Messages: n/a Hébergeur:	Re: MS DHCP Server and BIND DDNS Thanks ! I've done some testing and it does work, provided that the dns suffix of the machine (not the connection suffix) matches the BIND zone. Which brings me to another question, is it possible to use option 81 (FQDN) on a MS DHCP server ? Herb Martin wrote: > "Geoff" <nigeltufnel123@gmail.com> wrote in message > news:eVehlmsKHHA.4848@TK2MSFTNGP04.phx.gbl... >> Quick question..... >> >> Will a Microsoft DHCP server running on Win2K3 send Dynamic updates to a >> BIND DNS server ? > > I haven't tested it but it should, and I can think of no reason > this would not work in general. > > You will likely be much better off if you switch to Microsoft > AD DNS with "Secure Updates Only" but this doesn't mean > your setup CANNOT work. > >

04/01/2007, 16h07	#4
Ace Fekay [MVP] Messages: n/a Hébergeur:	Re: MS DHCP Server and BIND DDNS In news:eop8YIrLHHA.420@TK2MSFTNGP06.phx.gbl, Geoff <nigeltufnel123@gmail.com> stated, which I commented on below: > Thanks ! > > I've done some testing and it does work, provided that the dns suffix > of the machine (not the connection suffix) matches the BIND zone. > > Which brings me to another question, is it possible to use option 81 > (FQDN) on a MS DHCP server ? Option 081 is default on Microsoft DHCP. Matter of fact you can control it by looking in DHCP properties, DNS tab. It doesn't specifically say 081, but that is what that tab is for. btw- BIND does NOT support Microsoft Secure Updates. BIND uses TSIGS (transaction signatures) to secure communication for DNS traffic, which Microsof products do not use. If you want true secure updates and minimal administration, it is easier to just only use Microsoft DHCP and DNS. The DHCP and DNS APIs are written to work hand in hand together seemlessly. With BIND, you have to do some extra steps to make it work but will be limited with functionality, especially not having the ability to use AD integrated zones, where the zone is actually stored in the AD database, which will replicate automatically and exists on all DCs, and is much more secure than BIND's text files. After all, you MUST be authenticated to AD to be able to view the data. With Microsoft products, it just works out of the box. I'm not trying to say you must use this, or you must use that. I am just saying that it is easier and more secure to use Windows DNS. I think BIND is a fabulous product, but when it comes to AD, Windows DNS is much more efficient with a host of extra features and increased security that BIND cannot offer. I know a friend of mine that swears by BIND and will jump thru hoops to appropriate and pay for additional servers running Linux just to use it. He told me he wants it because he's been using BIND for over 10 years and won't let go of it. But when he has problems with updates, he gets flustered and starts emailing me with a host of questions about Microsoft DNS. :-) -- Ace Innovative IT Concepts, Inc (IITCI) Willow Grove, PA This posting is provided "AS-IS" with no warranties or guarantees and confers no rights. Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP Microsoft MVP - Directory Services Microsoft Certified Trainer Having difficulty reading or finding responses to your post? Instead of the website you're using, I suggest to use OEx (Outlook Express or any other newsreader), and configure a news account, pointing to news.microsoft.com. This is a direct link to the Microsoft Public Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you to easily find, track threads, cross-post, sort by date, poster's name, watched threads or subject. It's easy: How to Configure OEx for Internet News http://support.microsoft.com/?id=171164 Infinite Diversities in Infinite Combinations Assimilation Imminent. Resistance is Futile "Very funny Scotty. Now, beam down my clothes." The only constant in life is change...

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email