How can I use a Non-Microsoft DNS server

to support AD
Posted by Systech Admin on July 13th, 2010 | No Comments

A fairly decent percentage of Active Directory (AD) implementations aren?t running on

Microsoft Domain Name System (DNS) servers. In many cases, AD was brought into the
environment long after DNS was up and running, typically on UNIX-based servers. In such
cases, the company wasn?t about to ditch its existing DNS infrastructure just to accommodate
AD.

Fortunately, you don?t have to scrap your existing DNS infrastructure. AD works quite well with
non-Microsoft DNS servers, provided the servers support, at a minimum, the storage of SRV
resource locator records. SRV support was first added to the industry-standard Berkeley Internet
Name Distribution (BIND) in version 8.1.2, and most every new DNS server available supports
SRV records.

AD will be considerably easier to work with if your DNS server also supports dynamic DNS
(DDNS). Most newer builds do, but for security reasons, most DNS administrators disable this
feature. Microsoft?s DNS server supports secured DDNS through the use of Kerberos
authentication, but Microsoft DNS server is about the only one to do so. If your DNS server
doesn?t, or can?t, support DDNS, you?ll need to manually create the necessary SRV records for
each domain controller in the AD domain.