verify that my active directory zones and srv records

Eamon Murchan eamon.murchan at arup.com
Mon Mar 29 18:32:42 UTC 2004 

Hello Barry,

Thanks for the help. I found a very useful utility on the Microsoft web
site. This utility works a treat. I will enclose the URL in the event that
it will help you at some point.

http://support.microsoft.com/default.aspx?scid=kb;EN-US;321045

 

-----Original Message-----
From: Barry Finkel [mailto:b19141 at achilles.ctd.anl.gov] 
Sent: 12 March 2004 14:36
To: bind-users at isc.org
Cc: eamon.murchan at arup.com
Subject: Re: verify that my active directory zones and srv records 

Eamon Murchan <eamon.murchan at arup.com> wrote:

>I am a BIND user, can anyone advise on a Windows based application or 
>tool to verify that my active directory zones and srv records have
integrity.
>>From documentation on the internet I have read about Windows based DNS 
>>lint
>applications, will they verify that my active directory zones and srv 
>records have integrity. If so can anyone recommend a flavour. Thanks in 
>advance.

I know of no utility outside of looking at the zone contents and knowing
what records are supposed to be there.  For example:

_msdcs.example.com:

05154b8d-819f-4eb8-a853-33d6610f8d18  10M IN CNAME  dc1.example.com.

_ldap._tcp.site1._sites.dc  10M IN SRV  0 100 389 dc1.example.com.
_kerberos._tcp.dc       10M IN SRV      0 100 88 dc1.example.com.

You need to have SRV records for each DC in the AD forest.
And you need a CNAME record for each DC.  I would assume that if you see one
SRV record for each DC in each of the four (six for W2003) zones, then all
of the required SRV records will be in the zones.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Instrumentation Solutions Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994

___________________________________________________________________
Electronic mail messages entering and leaving Arup business
systems are scanned for acceptability of content and viruses.

More information about the bind-users mailing list