Active Directory & Bind on Unix

[Kevin Darcy]

BIND 8.1 supports SRV records. If you just want to maintain SRV records for
your DC's statically, I think BIND 8.1 should work fine. Just grab the
C:\WINNT\SYSTEM32\CONFIG\NETLOGON.DNS files from the DC's and paste them into
the zone file(s). Or, if you're a masochist and want to actually type in the
records, look at RFC 2782 for the SRV RR master-file format.

Since the SRV records are subject to change, normally Win2K DC's maintain their
own records through Dynamic Update, and that probably requires BIND 8.2 or
above because of some of the quirkiness of how Win2K does Dynamic Update. Note
that if you enable Dynamic Update for a zone, you can't effectively maintain
that zonefile manually any more -- now you have to do *all* updates for the
zone through Dynamic Update. For this reason, many administrators choose to
delegate Active-Directory-specific subzones and only enable those for Dynamic
Update, see http://www.nominum.com/resources/faqs/bind-faq.html#w2k. In
addition to the _msdcs subzone mentioned in that FAQ, you might also want to
create _tcp, _udp and _sites subzones.


- Kevin


mark wrote:

> Hi,
> Can anyone help me?  I have an Win2k Server running AD and I wanted to add a
> secondary AD domain controller.  I cant do this and I'm told it's DNS
> problem.
> Firstly the master DNS server sits on Sco Unix.  I did have the PDC as a
> slave to this the Unix box running ok.  The only thing is it's using bind
> 8.1 and I'm told I need 8.2 so that I can support SRV records.  I have 2
> questions on this...
> 1. I had a look on bind.com for he lastest release but I'm not sure if it
> will compile on Sco ( not much compiles on Sco & I dont want to much up my
> Master DNS server )
> 2. Is there any documentation on how to setup SRV records in Unix BIND?
>
> I'm really stuck here and would really appreciate any help!
> Thanks