ActiveDirectory dynamic dns updates to bind9?

Thomas Jachmann hoto99 at gmx.de
Tue Aug 26 08:53:16 UTC 2003


I now got it working - well, it seems so... After installing tcpdump on the
Linux box, I saw that the domain controller actually sent requests to BIND
but it responded with NXDOMAIN. If I understand this properly, BIND told the
domain controller that it's not authoritative for the requested zones,
right? I changed several settings and changed them back, suddenly it worked.
I now tried to reproduce this, finally got it not working again, and solved
it again. Windows domain controllers need the subdomains _msdcs, _sites,
_tcp, _udp within the domain it controls. When the domain controller
successfully registered its entries, BIND created .jnl files for each of
those zones. In order to reproduce the above-mentioned behaviour, I did the
following:

When I stopped BIND, deleted the .jnl files, changed the zone files
(increasing the serial), and restarted BIND, it didn't work any more. Then I
used nsupdate to add a CNAME to one of the subdomains mentioned above,
which created the .jnl file for that zone. After that, the domain controller
could update the zones as well. I don't understand this behaviour. Actually,
nsupdate and the domain controller should send the same update requests,
right? But BIND acts somehow differently. Anybody had this behaviour before?

Regards,
Thomas
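
The zone layout described in the message above, as an added example that is not part of the original post: a named.conf fragment declaring the four subdomains as separate dynamic zones. The domain example.com, the address 192.0.2.10, the ACL name, the file paths and the choice to restrict updates with allow-update are all assumptions of this example.

```conf
// Constructed fragment: example.com, 192.0.2.10 and all paths are placeholders.
// Only the domain controller may send dynamic updates (address-based ACL,
// chosen here as the minimum restriction; the post does not say what was used).
acl "dc-updaters" { 192.0.2.10; };

// Parent zone: no allow-update, so it is not dynamically updatable in this example.
zone "example.com" {
    type master;
    file "static/example.com.zone";
};

// The four subdomains the domain controller registers into, one zone each.
// named writes <file>.jnl beside each zone file once it accepts an update,
// so the dynamic/ directory must be writable by the user named runs as.
zone "_msdcs.example.com" {
    type master;
    file "dynamic/_msdcs.example.com.zone";
    allow-update { "dc-updaters"; };
};

zone "_sites.example.com" {
    type master;
    file "dynamic/_sites.example.com.zone";
    allow-update { "dc-updaters"; };
};

zone "_tcp.example.com" {
    type master;
    file "dynamic/_tcp.example.com.zone";
    allow-update { "dc-updaters"; };
};

zone "_udp.example.com" {
    type master;
    file "dynamic/_udp.example.com.zone";
    allow-update { "dc-updaters"; };
};
```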



