bind as slave DNS to windows AD dns server

b19141 at anl.gov b19141 at anl.gov
Thu May 21 12:57:54 UTC 2009


Aleksander Kamenik <aleksander at krediidiinfo.ee> wrote:

>I'm trying to set up BIND named to be a slave to an MS Windows 2008 server's
>AD domain.
>
>I set it up to be the slave and it works fine and I can resolve A records
>from the domain on the slave bind. However I can't resolve some SRV
>records like
>
>_ldap._tcp.dc._msdcs.DOMAIN
>
>Without this functionality a windows PC is unable to connect to the 
>windows domain.
>
>At first it looked like the Windows DNS server gave BIND a partial zone 
>file. Later after some googling I realized it has something to do with 
>dynamic updates which I don't know how to set up and am not familiar with.
>
>Most google replies deal with setting up bind as the master server. Is 
>it at all possible for BIND to act as a slave and forward the SRV 
>updates to the master? If so, please point me to relevant documentation.

What zones are you slaving on your BIND server?  There should be six:

     DomainDNSZones.example.com
     ForestDNSZones.example.com
     _msdcs.example.com
     _sites.example.com
     _tcp.example.com
     _udp.example.com

If you have these six zones slaved on your BIND server, and these zones
are being transferred successfully, then there should be no problems.
See the archives of this list, where there have been many
BIND/AD-related postings over the past years.

You wrote:

     Is it at all possible for BIND to act as a slave and forward the
     SRV updates to the master?

I am not sure what you mean.  The Windows Domain Controllers will send
any SRV updates to the Windows DNS Server, if the AD structure is
properly configured.  Client machines might ask your BIND servers for
SRV information, but the DCs should not be sending dynamic DNS updates
to your BIND slave for SRV records.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994
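
Added example (not part of the original message and not taken from the BIND documentation): a shell function that prints named.conf slave stanzas for the six zones listed in the reply above. The domain example.com, the master address 192.0.2.10 and the slaves/ file path are assumptions, and it assumes the Windows DNS server permits zone transfers to the BIND host.

```shell
#!/bin/sh
# Emit one "type slave" stanza per AD zone named in the reply above.
# Usage: gen_ad_slave_zones <ad-domain> <windows-dns-ipv4>

AD_ZONE_PREFIXES="DomainDNSZones ForestDNSZones _msdcs _sites _tcp _udp"

gen_ad_slave_zones() {
    domain=$1
    master=$2
    # Accept only a plain DNS name and a dotted IPv4 address, so the
    # arguments cannot smuggle extra statements into the generated config.
    case $domain in
        ''|*[!A-Za-z0-9.-]*) echo "bad domain: $domain" >&2; return 1 ;;
    esac
    case $master in
        ''|*[!0-9.]*) echo "bad master address: $master" >&2; return 1 ;;
    esac
    for prefix in $AD_ZONE_PREFIXES; do
        zone="$prefix.$domain"
        cat <<EOF
zone "$zone" {
    type slave;
    masters { $master; };               // Windows AD DNS server (assumed address)
    file "slaves/db.$zone";             // assumed path under named's directory
    allow-update-forwarding { none; };  // DCs update the Windows server, not this slave
};
EOF
    done
}

# Constructed sample values: example.com and 192.0.2.10 are placeholders.
gen_ad_slave_zones example.com 192.0.2.10
```

Append the output to named.conf, run named-checkconf, and after the transfers complete query the slave for _ldap._tcp.dc._msdcs.<domain> SRV to confirm the record from the original question resolves.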


