A lot of effort certainly went into MS DNS. Not sure about catching up with Solaris security. Mainly to improve scalability. By scalability I mean ease of integrating a large number of computers within the same security context, rather than the type of scalability that refers to a Wintel server being able to cope with as large and important a task that a Solaris server can cope with (that's already in the bag).
---
A few points:
1. Remember that DNS is strictly a locator service (as in, please look up the IP address for www.microsoft.com). Active Directory is where the "integrating a large number of computers" happens - users, computers, printers, shares, and other resources can all be found there. AD does use DNS as its native locator service.
2. There was a lot of work done on DNS for Windows 2000. It now supports dynamic updates (DDNS), incremental zone transfers, and other features.
3. Security has been completly revamped for Win2000. The native on-the-wire security protocol is now Kerberos v5. You'll also find L2TP, IPSEC, improved public-key certificate support, and more. Of course, "legacy" procotols are still supported for interop with NT 4, Win 9x, etc.
- Eric |
