Using Unix Bind 9.2 for Domain controller

Cricket Liu cricket at menandmice.com
Sun Dec 16 17:35:58 UTC 2001


> I have read the MS setup for using Bind for the Domain controllers DNS, I
> have also read the article on BIND rejecting _msdcs transfers.
> The DNS nameserver is named Alderaan.empire.intranet on an internal
> 192.168.1.102 address
>
> After putting all suggested configurations into place when I try to do a
> dcpromo and get to the part where it looks for the DNS I get :
>
> Diagnostic 1
>
> The wizard encountered an error while trying to determine if the DNS server
> with which this domain controller will register supports dynamic updates.
>
> For more information, including steps to correct this problem, see Help.
>
> Details
>
> The primary master DNS server tested was: Alderaan ()
>
> The zone was: empire.intranet
>
> The test for dynamic DNS update support returned:
>
> "DNS server failure."
>
> (error code 0x0000232A RCODE_SERVER_FAILURE)
>
> I did check my configuration to be sure that I allowed updates following is
> my /etc/named.conf
>
> // BIND configuration file
>
>
> options {
>                 directory "/var/named";
> };
>
>
> //#####################################################
> //           Information for empire.intranet
> //#####################################################
> zone "empire.intranet" in {
>    type master;
>    file "empire.intranet.zone";
>    allow-update { any; };
> };

That's fine, though you might want to limit dynamic updates to the IP
address of the Domain Controller.

> $TTL 86400
> @       IN      SOA  Alderaan.  postmaster.empire.intranet (
>                 10              ; Serial
>                 10800           ; Refresh
>                 3600            ; Retry
>                 604800          ; Expire
>                 86400           ; ttk
>                 )
>
> ;
> ; Name Servers
> ;
>
>         IN      NS      Alderaan.empire.intranet.
>         IN      NS      24.31.3.8

NS records need domain names in their RDATA, not IP addresses.

> ;
> ; Addresses for canonical names ordered by IP Address
> ;
>
> Alderaan.               IN      A       192.168.1.102
>
> kristen-xp.             IN      A       192.168.1.110
>
> deathstar.              IN      A       192.168.1.50
>
> Can someone explain why this isn't working?
>
> Is it a bug in .Net or in Bind?

Neither.  Your zone data is messed up.  You seem to be using trailing
dots in some cases and omitting them in others.  In the NS record,
you call the name server alderaan.empire.intranet, but you have an
address record attached to just "alderaan."  That's not going to work.

cricket

Men & Mice
DNS Software, Training and Consulting
www.menandmice.com

Attend our next DNS and BIND class!  See
http://www.menandmice.com/8000/8000_dns_training.html
for the schedule and to register for upcoming classes
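
A lint check for the two zone-data problems pointed out in the reply above: an IP address used as NS RDATA, and trailing dots that leave the address records at names the NS record does not point to. This is an added example, not part of the original post; the function names are hypothetical, and the sample zone is constructed from the quoted records with the owner `@` written out and the SOA omitted.

```python
import ipaddress

ZONE_ORIGIN = "empire.intranet."
# Constructed sample: the NS and A records quoted in the post.
SAMPLE_ZONE = """\
@            IN NS Alderaan.empire.intranet.
@            IN NS 24.31.3.8
Alderaan.    IN A  192.168.1.102
kristen-xp.  IN A  192.168.1.110
deathstar.   IN A  192.168.1.50
"""

def qualify(name, origin):
    """Expand a zone-file name the way a master-file parser does."""
    if name == "@":
        return origin.lower()
    if name.endswith("."):               # trailing dot: name is already absolute
        return name.lower()
    return f"{name}.{origin}".lower()    # no trailing dot: origin is appended

def in_zone(fqdn, origin):
    return fqdn == origin or fqdn.endswith("." + origin)

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def lint_zone(text, origin):
    """Return a list of findings for simple 'owner IN type rdata' lines."""
    origin = origin.lower()
    records, findings = [], []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments
        if len(fields) != 4 or fields[1].upper() != "IN":
            continue                             # simplified parser: skip the rest
        records.append((qualify(fields[0], origin), fields[2].upper(), fields[3]))
    addresses = {owner for owner, rtype, _ in records if rtype in ("A", "AAAA")}
    for owner, rtype, rdata in records:
        if not in_zone(owner, origin):
            findings.append(f"{owner} {rtype}: owner is outside zone {origin}")
        if rtype == "NS" and is_ip(rdata):
            findings.append(f"NS {rdata}: RDATA is an IP address, not a domain name")
        elif rtype == "NS":
            target = qualify(rdata, origin)
            if in_zone(target, origin) and target not in addresses:
                findings.append(f"NS {target}: in-zone name server has no address record")
    return findings
```

On the sample this reports the IP-address NS record, the missing address for alderaan.empire.intranet., and each single-label owner written with a trailing dot; writing the owners without the trailing dot clears the last two kinds of finding.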


