| Author | Messages | |
sslists
Posts:51
 | | 10/08/2005 9:41 AM |
| I used to work at a place where WINS and DNS were used. IMO, WINS was
faster in resolution and *just* worked but is not standard as DNS resolution
is. DNS integration with AD is a pain and can be a hassle when
troubleshooting, sometimes doing a ipconfig /flush client and flushing the
DNS on the DC's to resolve an issue. SP1 has several fixes for w2k3 DNS but
I'm sure something else will come up. :) I say we just use hosts files
again. :(
Steve
----- Original Message -----
From: "joe"
To:
Sent: Saturday, October 08, 2005 5:18 PM
Subject: RE: [ActiveDir] Adding custom fields to AD
I wasn't saying I like WINS better than DNS or vice versa, just said I
don't
like DNS. I especially dislike the AD/DNS integration. I don't like
chicken
and egg problems.
BTW, as you bring up WINS. 1. I've never had a corrupted WINS Database. 2.
Fewer admins had name resolution issues replication based issues with WINS
than they do with DNS. 3. The complexity of DNS seems to put many admins
off
the deep end, interestingly enough, the same admins who said they couldn't
figure out WINS say they know all about DNS.
But again, my comment wasn't I like WINS more than DNS, or I like any name
resolution systems better than DNS, it was simply I don't like DNS.
_____
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Tom Kern
Sent: Saturday, October 08, 2005 12:42 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: Re: [ActiveDir] Adding custom fields to AD
ok, i'll bite.
GPO's, i understand but whats there to hate about DNS?
its better than WINS.
I've never had a corrputed dns database.
thanks
On 10/8/05, joe wrote:
Yeah, GPOs aren't AD. GPOs are an application that use AD. I hate GPOs.
DNS
too.
:o)
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx
] On Behalf Of Rick Kingslan
Sent: Saturday, October 08, 2005 11:19 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Adding custom fields to AD
Interesting question - and as to the 'implode point' for ESE/Jet Blue,
Brettsh can answer that one. I'm pretty sure that we have a good idea on
where the point of diminishing returns is, but it likely FAR exceeds what
anyone might practically do today - even with added classes and
attributes.
As for why ESE - it works, it is self maintaining to a great degree, there
is very little overhead in the DB, and it is quite optimized to the type
of
work that is required for AD. Brettsh can certainly add more.
I am one for preaching more svelte attitudes on your AD. As joe
mentions -
it's for authN purposes first and foremost. It CAN handle DNS, it does
GPO
(though - truth be told the majority of GPO function is but a link to an
attribute, while the actual GPO pieces reside in SYSVOL, so not much AD -
lots of FRS), etc.
App Parts make sense in some arenas where the amount of data is going to
be
very small and contained to just a few areas. I, too, like joe advocate
ADAM. I try to sell ADAM constantly as THE solution for most anything
that
doesn't have to do with authN. Customer AppDev wants to stuff new things
into AD constantly. Partly, they don't know the down sides. Partly, they
think they have to learn something new. Partly, they don't really care if
YOUR AD is affected by their decisions, as long as they deliver the
solution
in the timeframe specified. So, it's up to you, Mr. Admin and Mr.
Architect
to tell whoever wants to use your AD, no - we don't do it that way because
it's very bad. We will use ADAM. Get used to it.
Rick
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx
] On Behalf Of Mylo
Sent: Friday, October 07, 2005 8:04 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: Re: [ActiveDir] Adding custom fields to AD
That's a good point about plonking stuff in AD.... a case of once a good
thing comes along everyone wants to climb aboard. I remember doing
ZENworks
stuff with Novell where all the application configuration information for
software distribution was shunted into NDS/E-Directory... all that bloat
adds up replication-wise (still, at least there was partitioning).
One thing I am curious about though is why MS opted for JET as the DB of
choice for AD.. was it the only viable option at the time ? What's the
ceiling on actual database size before it caves in (performance-wise)?
Mylo
joe wrote:
I am going to basically say what the other said only I am going to put
it this way
IF the data needs to be available at all locations or a majority of
locations where your domain controllers are located, consider adding
the data to AD.
IF the data is going to be needed only at a couple of sites or a single
site, put them into another store. My preference being AD/AM unless you
need to do some complicated joins or queries of the data that LDAP
doesn't support.
There is also the possibility of using app partitions but if you were
going to go that far, just use AD/AM.
The thing I have about sticking this data into AD is that AD is
becoming, in many companies, a dumping ground of all the crap that was
in all the other directories in the company. I realize this was the
initial view from MS on how this should work but I worked in a large
company and thought that was silly even then.
The number one most important thing for AD is to authenticate Windows
users.
Every time you dump more crap into AD you are working towards impacting
that capability or the capability to quickly restore or the ability to
quickly add more DCs. The more I see the one stop everything loaded
into ADs the more I think that the NOS directory should be NOS only.
Plus, I wonder how long before we hit some interesting object size
limits. I have asked for details from some MS folks a couple of times
on the issues with admin limit exceeded errors that you get when
overpopulating a normal multivalue attribute (i.e. not linked) and it
causing no other attributes to be added to the object. I wonder what
other
limits like that exist.
joe
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Steve Shaff
Sent: Tuesday, August 09, 2005 12:16 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] Adding custom fields to AD
Group,
My manager wanted me to check, even though, I don't think that it is
possible, but, I will present the question.
He would like to add some custom fields, about 30, to AD. He would
like to add bio information into AD to be pulled by Sharepoint and
other applications for people to read. I think that this is a waste of
time, space and effort. However, it is not my call and if this is what
he
wants....
What are everyone's thoughts on the topic?
Thanks
S
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ | | | |
|
|