Integrating BIND with Active Directory
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Wed Sep 4 22:07:32 UTC 2002
>
> Kevin Darcy <kcd at daimlerchrysler.com> wrote in message news:<al3lln$9mil$1 at is
> rv4.isc.org>...
> > Marion Bogdanov wrote:
> >
> > > Anyone,
> > > If you have successfully integrated BIND 9.2 with Windows 2000 AD please
> > > respond to this post. I like to talk to you more about it.
> >
> > Well, there's basically two types of BIND/AD integration:
> >
> > 1) give (via delegation) AD a part or parts of your namespace and let it do
> > whatever it wants,
> >
> > or
> >
> > 2) put the SRV records, etc. that AD requires into your existing namespace
> >
> > There are a couple different variations on #2:
> >
> > 2a) Collect the DNS data from the domain controllers and shove it into your
> > zone(s),
> >
> > or
> >
> > 2b) Open up your zone(s) to Dynamic Update and let them write their own
> > records.
> >
> > I've implemented (2b). I understand that others in this forum have
> > implemented (1).
> >
> >
> > - Kevin
>
>
> Kevin,
> I'm trying to do the same. I have read this article from microsoft:
> http://research.microsoft.com/programs/up_content/bind.doc
> To my understanding, there need to be subdomain zones (ie
> _msdc.domain.edu, _tcp.domain.edu, _sites.domain.edu, _udp.domain.edu)
> in addition to the master zone file that should be created on the BIND
> server. These subdomain zones are the ones that should be updated
> dynamically, correct? When implementing 2b, do you mean you
> dynamically update the subdomain zones?
>
> Up until yesturday, I didn't have the subdomain zones, and I was
> receiving the following message in the /var/log/message file:
>
> Aug 22 16:06:31 hostPC named[2757]: client 192.168.0.10#1330: transfer
> of 'domain.edu/IN': send: connection reset
> Aug 22 16:09:56 hostPC named[2757]: client 192.168.0.10#1033: updating
> zone 'domain.edu/IN': adding an RR
> Aug 22 16:09:56 hostPC named[2757]: zone domain.edu/IN: sending
> notifies (serial 2002082110)
> Aug 22 16:09:59 hostPC named[2757]: client 192.168.0.10#1079: updating
> zone 'domain.edu/IN': adding an RR
> Aug 22 16:09:59 hostPC named[2757]: zone domain.edu/IN: sending
> notifies (serial 2002082110)
> Aug 22 16:15:21 hostPC named[2757]: client 192.168.0.10#1132: updating
> zone 'domain.edu/IN': adding an RR
> Aug 22 16:15:21 hostPC named[2757]: zone domain.edu/IN: sending
> notifies (serial 2002082110)
> Aug 22 16:15:47 hostPC named[2757]: client 192.168.0.10#1159: updating
> zone 'domain.edu/IN': deleting an RR
> Aug 22 16:15:47 hostPC named[2757]: zone domain.edu/IN: sending
> notifies (serial 2002082111)
>
> *** Aug 22 16:26:16 hostPC named[2757]: client 192.168.0.10#1039:
> updating
> *** zone 'domain.edu/IN': update failed: 'name not in use'
> prerequisite not
> *** satisfied (YXDOMAIN)
>
> Aug 22 16:26:40 hostPC named[2757]: client 192.168.0.10#1042: updating
> zone 'domain.edu/IN': update failed: 'RRset exists (value dependent)'
> prerequisite not satisfied (NXRRSET)
> Aug 22 16:26:40 hostPC named[2757]: client 192.168.0.10#1045: updating
> zone 'domain.edu/IN': adding an RR
> Aug 22 16:26:40 hostPC named[2757]: zone domain.edu/IN: sending
> notifies (serial 2002082112)
>
> *** Aug 22 16:30:22 hostPC named[2757]: client 192.168.0.10#1036:
> updating
> *** zone 'domain.edu/IN': update failed: 'name not in use'
> prerequisite not
> *** satisfied (YXDOMAIN)
>
> Aug 22 16:30:27 hostPC named[2757]: zone domain.edu/IN: sending
> notifies (serial 2002082112)
>
>
> The messages in *** are the ones that are troubling me. I research on
> the net but I'm not able to piece the puzzle. I hope the addition of
> the subdomain zone files resolves this issue.
>
> Can you make anything out of the *** messages?
Have you read RFC 2136?
>
> Thanks,
> Boomer
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list