Existing users, 
 DNS Enabler - 3.0.3sets up a DNS server with just one click |
|
||||||||||||||||
|
|||||||||||||||||
Feedback Summary:
| Version 3.0.3: | |||||
| Overall Rating: |   (3.0) |
Features: | (2.0) |
Support: | (4.0) |
| Ease of Use: | (3.0) |
Quality / Stability: | (3.0) |
Price: | (2.0) |
Key to Types of Feedback:
Reviews 
Troubleshooting 
Usage Tips 
Developer Notes 
Commentary 
Featured Reviews
Fair Software, Bad Business - Version: 3.0.3, 8/1/2008 08:38AM PST
(3 of 3 users found this comment useful)
SpafTh
You just can't put a (good) GUI on BIND - Version: 3.0.1, 12/5/2007 10:35AM PST
(6 of 6 users found this comment useful)
khiltd
I have mixed feelings about this utility. It's great for quickly roughing in some working BIND configurations, but its simplicity encourages a set-it-and-forget-it sort of attitude in users who might not be well versed in BIND administration, and this can leave them vulnerable to certain forms of attacks that could be easily prevented.
The configurations generated by DNS Enabler display full version information and allow full zone transfers to any and all who request it. Both of these things are easily corrected by adding the appropriate directives to the options section of named.conf, but such changes are immediately obliterated as soon as you restart the server. It is necessary to descend the application's bundle hierarchy to edit the template file directly if you want to secure your server--something most people in this application's target audience are probably not apt to do.
It also enforces some undesirable requirements on the NS records it will allow you to create, and no configuration changes will survive its "error" checking process; make a single mistake in dozens of entries and they are all wiped out as soon as you click the Restart button. This is frustrating and genuinely unnecessary.
While it does allow you to vend static Bonjour services (provided you know exactly how to create them from scratch anyway), it does not allow you to do what most people who are interested in leveraging Bonjour will likely expect, namely facilitate dynamic updates.
Of course, it's simply impossible to put a (comprehensible) UI on every option BIND has to offer, so a little slack has to be cut somewhere. What I think would be the most beneficial to everyone would be to have the default config files include other files (possibly in ~/Library/Application Support) that would permit the user to override or extend the default configs to suit their needs, but then again, anyone who knows how to do this will probably just use BIND directly.
Still, for quick-and-dirty setups, it's extremely handy and I've never seen it crash. Just beware that if you're running a public server with it you should probably run your zone through Cricket Liu's free config/security auditor at least once to make sure you know what you're broadcasting.
The configurations generated by DNS Enabler display full version information and allow full zone transfers to any and all who request it. Both of these things are easily corrected by adding the appropriate directives to the options section of named.conf, but such changes are immediately obliterated as soon as you restart the server. It is necessary to descend the application's bundle hierarchy to edit the template file directly if you want to secure your server--something most people in this application's target audience are probably not apt to do.
It also enforces some undesirable requirements on the NS records it will allow you to create, and no configuration changes will survive its "error" checking process; make a single mistake in dozens of entries and they are all wiped out as soon as you click the Restart button. This is frustrating and genuinely unnecessary.
While it does allow you to vend static Bonjour services (provided you know exactly how to create them from scratch anyway), it does not allow you to do what most people who are interested in leveraging Bonjour will likely expect, namely facilitate dynamic updates.
Of course, it's simply impossible to put a (comprehensible) UI on every option BIND has to offer, so a little slack has to be cut somewhere. What I think would be the most beneficial to everyone would be to have the default config files include other files (possibly in ~/Library/Application Support) that would permit the user to override or extend the default configs to suit their needs, but then again, anyone who knows how to do this will probably just use BIND directly.
Still, for quick-and-dirty setups, it's extremely handy and I've never seen it crash. Just beware that if you're running a public server with it you should probably run your zone through Cricket Liu's free config/security auditor at least once to make sure you know what you're broadcasting.
Most Recent Replies: View All 1 Replies
- You just can't put a (good) GUI on BIND
Happy user - Version: 2.1, 4/27/2007 11:13AM PST
(1 of 1 users found this comment useful)
fsjjeff
Meant to put a comment up here a couple months back but haven't had the chance. Anyway, evaluated a few DNS programs a bit back and came down to this or another product. This won out due to keeping the reverse IPs up-to-date, but was missing some DNS config options that the other product had. An email to the developer resulted in a very fast response (couple of hours if I remember correctly) with an acknowledgement that feature wasn't in the program but was being looked at, and reasonably simple workaround to accomplish what I needed. Now am running my District's DNS servers on 2 Mac Minis running this software. Easy to use and so far very reliable, not to mention impressive reponse from the developer. Kudos.
It is still possible (even easy) to produce a configuration that BIND finds unacceptable, and refuses to run. DNS Enabler offers no help at all in this situation.
Now to the business practices of Cutedge Systems. I paid for and ran DNS Enabler on Tiger for about two years, and was reasonably happy with it. It was quirky, but manageable. Then I upgraded my server (1.25-GHz G4 Mini, nice little box) to Leopard.
No DNS; my whole LAN was suffering. I tried to launch DNS Enabler, and was told it would not function under 10.5, that I needed to upgrade. I downloaded the latest version, 3.0.3, but it would not accept my serial number. It insisted I buy a new one, for another $15. [There isn't much in the way of improved functionality; it just works with the new OS.] I grumbled but paid.
However, version 3.0.3 doesn't read the configuration files of the previous version. 2.1.1 can export those files to a format that 3.0.3 CAN import, but 2.1.1 won't run anymore, so that's out.
I spent many hours recreating my DNS configuration, and wrestling with the lack of help offered by DNS Enabler. Not happy.
The upshot is that I have removed DNS Enabler from my server. It won't be coming back. Webmin (http://www.webmin.com/) works fine, for free. It requires a little more knowledge about DNS and BIND, but then when it came down to it, so does DNS Enabler, with many more headaches.