Active Directory zone delegation on BIND 9
Cricket Liu
cricket at menandmice.com
Fri Oct 11 19:17:56 UTC 2002
Tom Maddox wrote:
> Cricket Liu <cricket at menandmice.com> wrote:
>> Are you sure
>> the Microsoft DNS Server is authoritative for just
>> _msdcs.example.com, _sites.example.com, _tcp.example.com, and
>> _udp.example.com, rather than example.com?
>
> No, I'm not sure. It looks like MS DNS is trying to make itself the
> authoritative server for all of example.com, in fact. I've fixed
> that, but the problem, which is that queries for SRV records in the AD
> domains fail, is still extant.
>
> Perhaps this is the root of my problem:
> Rather than explicitly create four separate zones on the Win2K DC,
> I've created one zone, example.com, with the four AD subdomains. I've
> essentially done that out of sheer laziness, as I assume that the four
> AD zones would not get automatically updated when, e.g., new domain
> controllers are added to the AD domain.
>
> 1) Is that a false assumption?
> 2) Do I just need to suck it up and create the four zones separately?
Yup. And then make sure that your Domain Controllers try to
re-register their SRV records. That should do it.
cricket
Men & Mice
DNS Software, Training and Consulting
www.menandmice.com
The DNS and BIND Cookbook, now available!
http://www.oreilly.com/catalog/dnsbindckbk/
More information about the bind-users
mailing list