We're looking for a commercial provider of a service that is certified to work with AD. We can easily bring up BIND or something similar. That's not an issue. But I don't see any value in bringing up BIND ourselves, or using a small, local IT firm, when there is already a large player that does this.
Thanks everyone for your help. I appreciate it. -----Original Message----- From: Ryan Dorman [mailto:ryan.dor...@blackboard.com] Sent: Sunday, October 03, 2010 6:21 PM To: Dustin Puryear; David Magda Cc: LOPSA Tech List; gene...@brlug.net; sage-memb...@sage.org Subject: RE: [SAGE] Offsite DNS hosting for Active Directory I'd lean on the side of just firing up a FOSS/*NIX DNS server as the secondary. The "AD-ness" of DNS revolves around SRV records in certain delegated subzones. It allows for computers to say "OK, I'm in domain.xyz and I want to find out where its IM server (for example) is." And then it does a lookup for that service record and gets an A record back so it knows where to talk to. What I'm hearing (reading?) you say is that you want general workstation functionality in the case of DC outage. That most likely means they just need to be able to get to servers and Internet sites which a standard BINDish DNS server that had a slave copy of your AD zones would be able to handle. -rd -----Original Message----- From: tech-boun...@lopsa.org [mailto:tech-boun...@lopsa.org] On Behalf Of Dustin Puryear Sent: Friday, October 01, 2010 3:25 PM To: David Magda Cc: LOPSA Tech List; gene...@brlug.net; sage-memb...@sage.org Subject: Re: [lopsa-tech] [SAGE] Offsite DNS hosting for Active Directory Well, the thing is we haven't tested it. If we can find a company that does secondary DNS hosting and says "AD certified" then they would probably get our money. :) -----Original Message----- From: David Magda [mailto:dma...@ee.ryerson.ca] Sent: Friday, October 01, 2010 2:22 PM To: Dustin Puryear Cc: gene...@brlug.net; sage-memb...@sage.org; LOPSA Tech List Subject: Re: [SAGE] Offsite DNS hosting for Active Directory On Fri, October 1, 2010 14:15, Dustin Puryear wrote: > Anyone know of a DNS hosting service that is known to play well with > hosting secondary DNS for AD DNS? > > And what are your thoughts on this in terms of security? Anyone using > a hosting service to provide secondary DNS capabilities for internal DNS? If all you need is straight-DNS, why can't use any other DNS software? Won't BIND, Unbound, etc. work if all you have to do is get zone updates from the AD master and service DNS queries? Or am I missing something about AD DNS? _______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/ This email and any attachments may contain confidential and proprietary information of Blackboard that is for the sole use of the intended recipient. If you are not the intended recipient, disclosure, copying, re-distribution or other use of any of this information is strictly prohibited. Please immediately notify the sender and delete this transmission if you received this email in error. _______________________________________________ Tech mailing list Tech@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
