Active Directory zone delegation on BIND 9

Cricket Liu cricket at menandmice.com
Fri Oct 11 19:17:56 UTC 2002


Tom Maddox wrote:
> Cricket Liu <cricket at menandmice.com> wrote:
>> Are you sure
>> the Microsoft DNS Server is authoritative for just
>> _msdcs.example.com, _sites.example.com, _tcp.example.com, and
>> _udp.example.com, rather than example.com?
> 
> No, I'm not sure.  It looks like MS DNS is trying to make itself the
> authoritative server for all of example.com, in fact.  I've fixed
> that, but the problem, which is that queries for SRV records in the AD
> domains fail, is still extant.
> 
> Perhaps this is the root of my problem:
> Rather than explicitly create four separate zones on the Win2K DC,
> I've created one zone, example.com, with the four AD subdomains.  I've
> essentially done that out of sheer laziness, as I assume that the four
> AD zones would not get automatically updated when, e.g., new domain
> controllers are added to the AD domain.
> 
> 1)  Is that a false assumption?
> 2)  Do I just need to suck it up and create the four zones separately?

Yup.  And then make sure that your Domain Controllers try to
re-register their SRV records.  That should do it.

cricket

Men & Mice
DNS Software, Training and Consulting
www.menandmice.com

The DNS and BIND Cookbook, now available!
http://www.oreilly.com/catalog/dnsbindckbk/



More information about the bind-users mailing list