Windows 2000 interoperability with BIND 8.2.2.5

Craig Mason cmason at masontechnology.com
Tue Feb 22 23:26:29 UTC 2000


Hi,

I'm trying something interesting. Running BIND 8.2.2.5 on a Solaris 2.51
machine. Creating an Active Directory/Windows 2000 implementation. We are
attempting to use BIND DNS as the authoritative source for DNS in the
organization, instead of using Windows 2000 as the authoritative source.
We're going with a single domain that matches the currently existing root
domain inside the company (let's call it zzz.com).

".110" is a W2K host called DC1.zzz.com. The Solaris (103.14) host has been
set to be authoritative for the zzz.com domain.


I currently have an "allow-update {all;} ;" statement in the config files
for BIND to make sure I'm getting Dynamic DNS entries from the W2K Servers.
For the most part, I do indeed see all the new entries that a Windows 2000
Domain Controller will throw into the zone file. Occasionally, I get errors:

Getting the following error on the Solaris / BIND side:


"xxx" and "yyy" were added for privacy:

22-Feb-2000 12:20:08.540 update: error processing update packet (REFUSED) id
5696 from [xxx.yyy.103.110].2676
22-Feb-2000 13:16:01.116 update: error processing update packet (REFUSED) id
336 from [xxx.yyy.103.111].1944
22-Feb-2000 13:20:10.736 update: error processing update packet (REFUSED) id
5756 from [xxx.yyy.103.110].2920
22-Feb-2000 14:16:03.844 update: error processing update packet (REFUSED) id
374 from [xxx.yyy.103.111].2073
22-Feb-2000 14:20:13.497 update: error processing update packet (REFUSED) id
5816 from [xxx.yyy.103.110].3157


Looks like they are occurring each half hour.


On the W2K side we're getting:

Event Type:	Error
Event Source:	NETLOGON
Event Category:	None
Event ID:	5774
Date:		2/22/2000
Time:		11:11:54 AM
User:		N/A
Computer:	DC1
Description:
Registration of the DNS record 'gc._msdcs.zzz.com. 600 IN A xxx.yyy.103.110'
failed with the following error:
DNS server unable to interpret format.


As an eventual next step we want W2K to be secondary for the domain zzz.com.
So, we added that in, and now...

Another error we're getting is:

Event Type:	Error
Event Source:	DNS
Event Category:	None
Event ID:	6524
Date:		2/20/2000
Time:		1:23:57 AM
User:		N/A
Computer:	DC1
Description:
Invalid response from master DNS server at xxx.yyy.103.14 during attempted
zone transfer of zone zzz.com.  Check The DNS server at xxx.yyy.103.14 and
insure that it is authoritative for this zone.  This can be done by viewing
or updating the list of authoritative servers for the zone.  When using the
DNS console, select zone zzz.com Properties at server xxx.yyy.103.14 and
click the Name Servers tab.  If needed, you can add or update this server in
the list there.  As an alternative solution, you could also modify settings
in the Zone Transfer tab to allow transfer of the zone to this and other DNS
servers

Any initial help on this sort of new implementation would be appreciated. I
know this isn't really a specific question, but I'm hoping someone can start
to point us in a direction to start to at least understand and solve the
errors.

Thanks!

... Craig

Craig Mason, MCSE, MBA
Mason Technology, Inc.
A Microsoft Certified Solutions Provider
cmason at masontechnology.com
(303) 756-3363

For additional information please see us at www.masontechnology.com
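
An added example (not part of the original post and not BIND code): a small Python parser for the "update: error processing update packet" lines quoted in the message. It re-joins mail-wrapped records and reports, per source address, the gap in minutes between consecutive REFUSED updates; the function names and the regex are this example's own, and the sample input is the post's five log lines in their redacted form.

```python
import re
from collections import defaultdict
from datetime import datetime

# The five log lines from the post (addresses redacted there), mail-wrapped.
SAMPLE = """\
22-Feb-2000 12:20:08.540 update: error processing update packet (REFUSED) id
5696 from [xxx.yyy.103.110].2676
22-Feb-2000 13:16:01.116 update: error processing update packet (REFUSED) id
336 from [xxx.yyy.103.111].1944
22-Feb-2000 13:20:10.736 update: error processing update packet (REFUSED) id
5756 from [xxx.yyy.103.110].2920
22-Feb-2000 14:16:03.844 update: error processing update packet (REFUSED) id
374 from [xxx.yyy.103.111].2073
22-Feb-2000 14:20:13.497 update: error processing update packet (REFUSED) id
5816 from [xxx.yyy.103.110].3157
"""

STAMP = re.compile(r"^\d{2}-\w{3}-\d{4} ")
LINE = re.compile(
    r"(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) update: "
    r"error processing update packet \((?P<rcode>\w+)\) "
    r"id (?P<id>\d+) from \[(?P<src>[^\]]+)\]\.(?P<port>\d+)")

def unwrap(text):
    """A line without a leading timestamp continues the previous record."""
    records = []
    for line in filter(str.strip, text.splitlines()):
        if STAMP.match(line) or not records:
            records.append(line.strip())
        else:
            records[-1] += " " + line.strip()
    return records

def refused_by_source(text):
    """Map source address -> sorted timestamps of REFUSED update packets."""
    hits = defaultdict(list)
    for rec in unwrap(text):
        m = LINE.search(rec)
        if m and m["rcode"] == "REFUSED":
            when = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S.%f")
            hits[m["src"]].append(when)
    return {src: sorted(ts) for src, ts in hits.items()}

def retry_minutes(text):
    """Per source: minutes between consecutive refusals (rounded)."""
    return {src: [round((b - a).total_seconds() / 60) for a, b in zip(ts, ts[1:])]
            for src, ts in refused_by_source(text).items()}

print(retry_minutes(SAMPLE))
```

Grouping by source separates the two domain controllers' retry timers, which are interleaved in the raw log.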




