verify that my active directory zones and srv records
Barry Finkel
b19141 at achilles.ctd.anl.gov
Fri Mar 12 14:35:53 UTC 2004
Eamon Murchan <eamon.murchan at arup.com> wrote:
>I am a BIND user, can anyone advise on a Windows based application or tool
>to verify that my active directory zones and srv records have integrity.
>>From documentation on the internet I have read about Windows based DNS lint
>applications, will they verify that my active directory zones and srv
>records have integrity. If so can anyone recommend a flavour. Thanks in
>advance.
I know of no utility outside of looking at the zone contents and
knowing what records are supposed to be there. For example:
_msdcs.example.com:
05154b8d-819f-4eb8-a853-33d6610f8d18 10M IN CNAME dc1.example.com.
_ldap._tcp.site1._sites.dc 10M IN SRV 0 100 389 dc1.example.com.
_kerberos._tcp.dc 10M IN SRV 0 100 88 dc1.example.com.
You need to have SRV records for each DC in the AD forest.
And you need a CNAME record for each DC. I would assume that if you
see one SRV record for each DC in each of the four (six for W2003)
zones, then all of the required SRV records will be in the zones.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Instrumentation Solutions Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: BSFinkel at anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994
More information about the bind-users
mailing list