Microsoft Active Directory and bind serial numbers

[Joe Kattner]

Steve,

The issue isn't just with active directory, it is with any zone that
allow dynamic updates. Once you set a zone to allow dynamic updates
from any source you should never edit the files by hand. BIND maintains
the zone in memory and writes to the file as it needs to.

Use nsupdate to send your updates.

--Joe


I'm having a problem with using some bind 9.2.1 servers along with MS
Active Directory. The servers in question are running under Solaris 2
(one master, with two slaves on-site and two slaves upstream). The
Active Directory part seems to work fine, but I try to update the file
by hand sometimes. Sometimes the changes disappear and I have to apply
them again. Updates happen frequently, and the serial number never
changes. I can increment it by hand, but it will get set back within
minutes.

How can I fix this? Can I not add records to a zone that's being used
by Active Directory?

Thanks!