win 2k3 ads and bind 9.2.1 integration

Sten Carlsen ccc2716 at vip.cybercity.dk
Tue Aug 2 16:47:09 UTC 2005 

You set the "ads.company.com" zone as MASTER, is that what you need? The 
master is expected to have all the info available for the zone.

I would expect that it should be set slave to the w2k3 servers and grab 
all info from them by normal axfr.

Just a question to think about, I never worked with w2k3.

Jamie Crawford wrote:

>Hello,
>I've got a domain structure of "company.com". I've seperated active =
>directory by creating its own subdomain of "ads.company.com".   We are =
>using bind 9.2.1 for our root domain of "company.com" and I want to use =
>the Windows2k3 servers to handle all the active directory dns requests in =
>"ads.company.com".  I want to do this without changing our client =
>configurations through dhcp.  Through documentation I've read on the web =
>and books (Oreilly Active Directory Cookbook for 2k3 and 2k pg 551-552) =
>all I should have to do is enter this in my /etc/named.conf and the 2k3 dc =
>should dynamically update my zone files with all relevant information.
>
>###/etc/named.conf####
>
>zone "ads.company.com" IN {
>type master;
>file "db.ads.company.com";
>allow update { ip of dc's;  };
>};
>
>###db.ads.company.com###
>$TTL 3600
>@ IN SOA ads1.ads.company.com. hostmaster.ads.company.com. ( 1025 900 600 =
>86400 3600 )
>
>ads.company.com.   IN  NS  ads1
>ads.company.com.   IN  NS  ads2
>ads1  IN   A   15x.xxx.xxx.xxx
>ads2  IN   A   15x.xxx.xxx.xxx
>
>
>After restarting bind and restarting the domain controllers, I expected to =
>have the domain controllers to dynamically update the zone file with all =
>the relevant information that would be in the netlogon.dns file. To my =
>surprise, no updates occured.  Instead I got the domain controllers trying =
>to update my reverse zone of "xx.xxx.in-addr.;arpa/IN' denied" and =
>erroring out with the usual "cant update dns message"  I then went into =
>the reverse zone config in named.conf and allowed both domain controllers =
>to "allow-updates". I restarted named and the dc's and=20
>that made the dc's happy, but it didn't update my ads.company.com zone =
>file with any information.
>
>If anyone has any ideas or experience where to go next, it would be =
>greatly appreciated.
>
>Thanks,
>jamie
>
>
>
>
>  
>

-- 
Best regards

Sten Carlsen

Let HIM who has an empty INBOX send the first mail.

More information about the bind-users mailing list