ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Windows AD DNS Server Per NIC Responses with ZeroTier

    Scheduled Pinned Locked Moved IT Discussion
    windowsactive directorydnswindows dnszerotier
    31 Posts 5 Posters 5.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @dafyre
      last edited by scottalanmiller

      @dafyre said:

      You know as well as I do that a Lab environment needs to be isolated from the network.... can. I want to know if the tech can do what I want it to do. No other reason is necessary.

      This is the bit that I was concerned about. Lacking the lab isolation that I was suggesting. I realize not everyone needs their lab fully isolated, just seems simpler since it would be safer, easier and fix the issue that this thread was about all in one step. I'm saying that a fully isolated lab is easier.

      1 Reply Last reply Reply Quote 0
      • DashrenderD
        Dashrender
        last edited by

        Also, wouldn't this lab still be fully part of the AD network since it's using the same DNS servers? If the answer is yes, then it's not really a lab, it's an extension of the production network.

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @Dashrender
          last edited by

          @Dashrender said:

          Also, wouldn't this lab still be fully part of the AD network since it's using the same DNS servers? If the answer is yes, then it's not really a lab, it's an extension of the production network.

          No, not in that way. AD would be extended by LDAP and Kerberos. DNS is just a lookup service. Although this would theoretically expose information about AD, not very much. For full separation you would go with separate DNS in each place. But sharing DNS is pretty trivial as exposure goes.

          DashrenderD 1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @scottalanmiller
            last edited by

            @scottalanmiller said:

            @Dashrender said:

            Also, wouldn't this lab still be fully part of the AD network since it's using the same DNS servers? If the answer is yes, then it's not really a lab, it's an extension of the production network.

            No, not in that way. AD would be extended by LDAP and Kerberos. DNS is just a lookup service. Although this would theoretically expose information about AD, not very much. For full separation you would go with separate DNS in each place. But sharing DNS is pretty trivial as exposure goes.

            if the lab machines aren't part of AD, how are they adding entries to DNS? This is all assuming a Windows DNS.

            scottalanmillerS 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @Dashrender
              last edited by

              @Dashrender said:

              if the lab machines aren't part of AD, how are they adding entries to DNS? This is all assuming a Windows DNS.

              I think that I missed that they were adding their own entries. You can add things manually to DNS.

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller
                last edited by

                If you use Windows for DHCP, Linux can update DNS records that way without being part of AD:

                http://www.virtxpert.com/allow-linux-to-register-records-with-windows-dns-and-dhcp/

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller
                  last edited by

                  I mention Linux here because it is the most extreme case. If Linux can do it, Windows can too.

                  1 Reply Last reply Reply Quote 0
                  • dafyreD
                    dafyre
                    last edited by

                    Chances are if Linux can do it, it probably does it better than Windows, lol.

                    scottalanmillerS Reid CooperR 2 Replies Last reply Reply Quote 2
                    • scottalanmillerS
                      scottalanmiller @dafyre
                      last edited by

                      @dafyre said:

                      Chances are if Linux can do it, it probably does it better than Windows, lol.

                      And even moreso when virtualized.

                      1 Reply Last reply Reply Quote 1
                      • Reid CooperR
                        Reid Cooper @dafyre
                        last edited by

                        @dafyre said:

                        Chances are if Linux can do it, it probably does it better than Windows, lol.

                        I would second that.

                        1 Reply Last reply Reply Quote 0
                        • 1
                        • 2
                        • 2 / 2
                        • First post
                          Last post