Bind 9.2.2 integration with AD
Brad Daut
dautb at exchange.nku.edu
Mon Jul 21 20:06:48 UTC 2003
Please help,
I have been having problems getting my Windows 2003 DC to write its SRV
records to my Bind 9.2.2 server. I do have BIND set up to do DDNS because I
have my test DHCP clients write to a specific zone, but somehow Windows 2003
AD can't write to it. Any suggestions would really be appreciated. I have
also added the eventlog errors as an attachment.
Here is my named.conf file:
#######################
begin named.conf
#######################
acl "win2kdcs" {
10.0.0.3;
10.0.0.4;
10.0.0.16;
};
options {
directory "/var/named";
notify yes;
// query-source address * port 53;
};
key DHCP_UPDATER {
algorithm HMAC-MD5.SIG-ALG.REG.INT;
secret somekey;
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "nku.edu" IN {
type master;
file "nku.edu";
allow-update { none; };
};
zone "10.in-addr.arpa" IN {
type master;
file "10.in-addr.arpa";
allow-update { none; };
};
zone "dhcp.nku.edu" {
type master;
file "dhcp.nku.edu";
allow-update { key DHCP_UPDATER; };
};
zone "dhcp.in-addr.arpa" {
type master;
file "dhcp.in-addr.arpa";
allow-update { key DHCP_UPDATER; };
};
//Windows 2000 AD zones
zone "_sites.nku.edu" {
type master;
file "ad/_sites.nku.edu";
allow-update { win2kdcs; };
};
zone "_msdcs.nku.edu" {
type master;
file "ad/_msdcs.nku.edu";
allow-update { win2kdcs; };
};
zone "_tcp.nku.edu" {
type master;
file "ad/_tcp.nku.edu";
allow-update { win2kdcs; };
};
zone "_udp.nku.edu" {
type master;
file "ad/_udp.nku.edu";
allow-update { win2kdcs; };
};
include "/etc/rndc.key";
######################
end named.conf
#######################
Here is my root zone:
#############
begin nku.edu
#############
$ORIGIN .
$TTL 86400
nku.edu IN SOA nku.edu. postmaster.nku.edu. (
2003114
28800
7200
604800
86400 )
nku.edu. NS 10.0.0.2
nku.edu. MX 100 mail.nku.edu
$ORIGIN nku.edu.
ns1 A 10.0.0.2
nkuserv1 A 10.0.0.3 //win2k pdc
nkuserv2 A 10.0.0.4 //nt4 dc
nkuserv3 A 10.0.0.5
exchange A 10.0.0.6 //nt4 dc
exchange MX 100 exchange
exchange1 CNAME exchange
exchange2k A 10.0.0.7
sappho A 10.0.0.8
www CNAME sappho
www2k CNAME printserv1
printserv1 A 10.0.0.10
homeserv1 A 10.0.0.11
proxy1 A 10.0.0.12
macserv1 A 10.0.0.13
chasedc1 A 10.0.0.14
labdc1 A 10.0.0.15
nkuserv2k A 10.0.0.16
backup1 A 10.0.0.17
sqldb1 CNAME printserv1
navserv1 A 10.0.0.18
vpn A 10.0.0.19
proxy A 10.0.0.20
mail A 10.1.128.3
nkuaxp CNAME mail
axp1 CNAME mail
#########
end root zone
##########
Here is one of my underscore SRV files:
###########
_msdcs.nku.edu
############
$ORIGIN .
$TTL 86400
_msdcs.nku.edu IN SOA _msdcs.nku.edu.
postmaster.nku.edu. (
2003114
28800
7200
604800
86400 )
_msdcs.nku.edu. NS 10.0.0.2
$ORIGIN _msdcs.nku.edu.
#############
end of _msdcs.nku.edu
#############
Thanks,
Brad
-- Attached file included as plaintext by Ecartis --
-- File: eventlog.txt
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.nku.edu.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
Possible causes of failure include:
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration
USER ACTION
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.nku.edu.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
Possible causes of failure include:
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration
USER ACTION
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'nku.edu.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
Possible causes of failure include:
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration
USER ACTION
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
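
Added example, not part of the original post: a dynamic update is applied to the most specific zone that encloses the record name, so the check below maps the three domains named in the attached event log onto the zones in the posted named.conf and reports each zone's allow-update setting. The condensed config string and the two extra record names are constructed for illustration.

```python
import re

# Zone names and allow-update values copied from the posted named.conf,
# condensed to one zone per line (constructed layout, same settings).
NAMED_CONF = '''
zone "nku.edu" IN { type master; allow-update { none; }; };
zone "dhcp.nku.edu" { type master; allow-update { key DHCP_UPDATER; }; };
zone "_sites.nku.edu" { type master; allow-update { win2kdcs; }; };
zone "_msdcs.nku.edu" { type master; allow-update { win2kdcs; }; };
zone "_tcp.nku.edu" { type master; allow-update { win2kdcs; }; };
zone "_udp.nku.edu" { type master; allow-update { win2kdcs; }; };
'''

# Captures (zone name, allow-update element) from each one-line zone clause.
ZONE_RE = re.compile(r'zone\s+"([^"]+)".*?allow-update\s*\{\s*([^}]*?)\s*;?\s*\}')

# Domains quoted in the attached event log.
LOGGED = ["DomainDnsZones.nku.edu.", "ForestDnsZones.nku.edu.", "nku.edu."]
# Constructed record names, added to show the label-boundary cases.
CONSTRUCTED = ["_ldap._tcp.dc._msdcs.nku.edu.",
               "_ldap._tcp.DomainDnsZones.nku.edu."]


def labels(name):
    """Split a DNS name into lower-case labels, ignoring the trailing dot."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def enclosing_zone(name, zones):
    """Return the longest configured zone that is a label-wise suffix of name."""
    want, best = labels(name), None
    for zone in zones:
        have = labels(zone)
        if len(have) <= len(want) and want[-len(have):] == have:
            if best is None or len(have) > len(labels(best)):
                best = zone
    return best


def update_report(names, conf=NAMED_CONF):
    """Map each name to (enclosing zone, that zone's allow-update element)."""
    zones = dict(ZONE_RE.findall(conf))
    return {n: (enclosing_zone(n, zones), zones.get(enclosing_zone(n, zones)))
            for n in names}


if __name__ == "__main__":
    for name, (zone, policy) in update_report(LOGGED + CONSTRUCTED).items():
        print(f"{name:40} zone={zone:16} allow-update={policy}")
```

For all three logged domains the enclosing zone is nku.edu, whose allow-update is none; only names that end in one of the four underscore zones on a label boundary reach the win2kdcs ACL.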