Active Directory zone delegation on BIND 9

Barry Finkel b19141 at
Fri Oct 11 15:27:23 UTC 2002

Tom Maddox <tmaddox at> wrote:

>Hmm, I'm pretty sure that cross-posting to those three groups in 
>particular is going to call down *someone's* wrath upon me.  Oh well,
>I have little choice but to be as a lover in France and throw cochon 
>to the wind.
>Anyway, I'm setting up Active Directory to (theoretically) interact
>with BIND 9 on Linux.  Specifically, I want to delegate the four 
>zones, _udp, _tcp, _msdcs, and _sites, to the Win2K box.  It looks like
>DNS is configured properly on the Win2K server, in that DNS is running,
>dynamic updates are permitted, and the name table appears to have all
>the appropriate entries for AD.  Here's what I've got in the master
>zone file:
>_msdcs                  NS      wbrdc
>_sites                  NS      wbrdc
>_tcp                    NS      wbrdc
>_udp                    NS      wbrdc
>"wbrdc" is the name of the domain controller that's performing name
>I'm clearly missing something, and it's probably something stupid.
>Any thoughts on what it is?

Cricket also replied with some useful information  But I have a
question.  Are you seeing any error messages or other things in W2k
that lead you to believe that there is a problem?  Basically, you did
all that you need to do, assuming that the unqualified NS nodename


when expanded to the fully qualified name

is the full nodename of your W2k DC.  For more information on BIND, DNS,
and W2k search the archives of this maillist.
Barry S. Finkel
Electronics and Computing Technologies Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at
Argonne, IL   60439-4828             IBMMAIL:  I1004994

More information about the bind-users mailing list