January 28, 2001, 4:23 PM — If you're planning a Windows 2000 Server domain migration, a solid DNS strategy to support deployment of Windows 2000's Active Directory (AD) is the first among your many concerns.
In companies that currently run DNS on non-Windows platforms, the factors that guide your DNS integration decisions could well be based less on technology than on corporate politics and religion. As the Windows 2000 architect, it's your job to arm yourself with the appropriate technical information to fight those political and religious battles as they arise.
Position yourself to offer solutions rather than problems. This and my next few columns on AD/DNS integration strategies should help.
Our story so far...
In my last column, I discussed in some detail how AD uses DNS to advertise services such as AD domain controllers and Global Catalog servers. I also identified why AD's base DNS requirements -- support for SRV resource records and Dynamic DNS -- are critical to a smooth AD deployment.
In addition, I laid out the three migration strategies commonly used by organizations who currently host DNS on platforms other than Windows NT or Windows 2000. To recap, those approaches are as follows: (1) Migrate your current system to Windows 2000-based DNS servers; (2) use your current DNS environment to support AD's DNS requirements; or (3) integrate Windows 2000 DNS servers into your current DNS environment. With this column, I begin to cover each of those three scenarios in more detail, starting with the first option -- migrating your current system to Windows 2000-based DNS servers.
While your current DNS may be deployed on any number of different platforms, I'll focus those columns only around integration with Unix (or Unix variant-based) DNS servers, since they account for the greatest population of DNS servers.
Organizational and technical considerations
I don't want to prejudge, but I think it's a safe bet that many Unix administrators have a general mistrust of Microsoft products. Depending on the personalities in your organization, therefore, planning for full-scale migration from Unix-based DNS to Windows 2000 AD/DNS services could be a hard-fought battle with little chance for success.
In addition, if another group in your organization is already managing DNS, consider whether you really want to champion the idea of bringing the service under your umbrella. Depending on the size of your organization, taking on DNS responsibilities could require that you cultivate greater DNS expertise than you might already have. It could also require a significant support commitment by your department.