Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 04-28-2002, 11:50 PM   #1
LQ Newbie
Registered: Apr 2002
Posts: 1

Rep: Reputation: 0
Question BIND DNS for Windows 2000 clients

How do I get Windows 2000 clients to accept Linux BIND as a DNS server? Is there a way to make BIND act like Active Directory?


Old 05-07-2002, 05:19 PM   #2
LQ Newbie
Registered: May 2002
Location: Canada
Distribution: RH 7.2
Posts: 4

Rep: Reputation: 0
BIND & w2k Domain

It doesn't really work right, but you can hack and slash, lowering security to make it fit. You'll have to explicitly trust any updates from a set of defined IP's (ACL). Later on there's a link to some nifty ways to re-secure the relationships by directing who writes where.

1)your w2k Domain controller(s)
2)IF you use and configure your DHCP server correctly
(DHCP Manager-so it registers both A & PTR records for a client) you only need to trust it.
3) any none-DHCP fed PCs

FYI the secure GSS TSIG (?) trasnmission format w2k DC uses is not supported by BIND, and won't be anytime soon.

If you want to make it semi secure you need to modify all the PC's Go to: My Computer -Properties-Next-Network Identification tab-Properties-Identification Changes-More-"Primary DNS suffix of this computer" AND you'll have to follow the link below to adjust for this change.

Setting that to something, it will appear as a child ( If you DON'T do that you have to allow any PC to write directly to your top level zone (scarry). A users could change his PC name to mail, overwrite your existing mailserver record, and become

At this point in time let me defer to this article. You really should read it. The last example is how to do it right.

Now that you know what can happen if you do the following, the really quick and dirty "just get the damn thing working" way is to trust all the local IP's to update forward and reverse zones by putting this line in named.conf's zone records.

allow-update{ "localnets";};

zone "" {
type master;
file "";
allow-update { "localnets"; };

zone "" {
type master;
file "db.192.253.254";
allow-update { "localnets"; };

This of course assumes all users and servers also have a local IP. Good luck. Feed back welcome. That article is by far the only good w2k domain / BIND resurce I've ever found.

Last edited by rickburdeniuk; 05-07-2002 at 05:28 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
samba¦server¦with¦windows¦2000¦clients dabash Linux - Networking 3 08-23-2005 01:08 AM
Can bind 9 (DNS) resolve names based on who's asking?? (internal vs. external clients registering Linux - Networking 3 06-16-2004 07:25 AM
Running Mandrake 9.1 Linux Clients on Windows 2000 Domain Server marc213 Linux - Networking 0 10-30-2003 03:20 AM
Can't get bind to reslove for windows clients. bentman78 Linux - Software 3 10-25-2003 02:33 PM
adding win 2000 server domain controller, bind dns GraemeK Linux - Networking 6 08-23-2003 05:44 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:44 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration