VMware Cloud Community
Ranger_rkm
Contributor
Contributor
‎10-07-2008 07:35 PM

ESX Server 3.5 and Active Directory DNS Question

Hello,

I would like to know the best way ti implement DNS on a Active Directory Integrated DNS. I thought about using split DNS. Where one section would be integrated and the other would not.

Any ideas.

Thanks,

Mike

0 Kudos
5 Replies
TomHowarth
Leadership
Leadership
‎10-07-2008 10:50 PM

Personally I tend to create cnames and Ptr records in what ever the current environemnt is. why complicate the envrionment when all you really need are a number of CNames and PTR records pointing to the ESX hosts.

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410
0 Kudos
Ranger_rkm
Contributor
Contributor
‎10-08-2008 02:59 AM

Hello,

If I'm using Active Directory Intergrated DNS, my ESX Server hosts will not be able to talk with my secure zones, without authenicating. The only solution is to have a seperate not authenicating zone?

Thanks,

-Mike

0 Kudos
Texiwill
Leadership
Leadership
‎10-08-2008 07:11 AM

Hello,

I do not use AD but I use DNS with just PTR records as well.


Best regards,

Edward L. Haletky

VMware Communities User Moderator

====

Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.

CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354

As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
0 Kudos
nabsltd
Enthusiast
Enthusiast
‎10-08-2008 09:11 AM

The secure zones are only for updates, not for queries.

You can manually enter the records for the various VMware needs (ESX servers, Virtual Center server, etc.) and everything should work just fine.

0 Kudos
TomHowarth
Leadership
Leadership
‎10-08-2008 01:23 PM

Not true, as nabsltd has already stated, authentication is only for updates not queries. and manual entries can be created directly in the DNS console. I know do it all the time.

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

Tom Howarth

VMware Communities User Moderator

Tom Howarth VCP / VCAP / vExpert
VMware Communities User Moderator
Blog: http://www.planetvm.net
Contributing author on VMware vSphere and Virtual Infrastructure Security: Securing ESX and the Virtual Environment
Contributing author on VCP VMware Certified Professional on VSphere 4 Study Guide: Exam VCP-410
0 Kudos