W2K AD update and Bind 9.2

Michael E. Hanson MEHanson at GryphonsGate.com
Wed Nov 12 17:15:33 UTC 2003


Actually, you can implement Active Directory without ever running an M$ DNS,
so long as the DNS which is authoritative for the zone/domain accepts
dynamic updates or has the three M$ SRV zones specified.  Since 9.2 can
accept dynamic updates, they could easily have set up AD without setting up
an M$ DNS.

AD is NOT implemented by DNS, whether it's BIND or M$ DNS makes no
difference.

Two suggestions:
1)  When you update the DNS Zonefile on the Unix server, make sure you
increment the serial number, and restart the DNS services.
2)  If the NS entry is coming from a dynamic update someplace, track down
the machine that has the offending IP address, make sure it's not running
something you don't want it to be running.  It's also POSSIBLE (but not a
normal configuration) that the entry is coming from WINS if you have WINS
configured to update DNS.  Check your cached and static WINS entries.

_______________
Michael E. Hanson
President, Gryphon Consulting Services
(http://www.GryphonsGate.com)
P.O. Box 1151
Bellevue, NE 68005-1151
(402) 871-9622

MEHanson at GryphonsGate.com (primary)
Gryphons_Master at yahoo.com


----- Original Message ----- 
From: "Barry Margolin" <barry.margolin at level3.com>
Newsgroups: comp.protocols.dns.bind
To: <comp-protocols-dns-bind at isc.org>
Sent: Monday, November 10, 2003 1:25 PM
Subject: Re: W2K AD update and Bind 9.2


> In article <boomg9$tul$1 at sf1.isc.org>, Lyn <lynkempter at hotmail.com> wrote:
> >We allow our W2000 domain controllers to update a unix
> >dns server running bind 9.2.  I need to change an NS
> >entry in the zone and can't figure out where the entry
> >comes from originally.  There seems to be no reference to it
> >in Active Directory, nor can I find any sort of stub or
> >configuration file that inserts it in the zone file.
> >I've tried changing the entry in the Unix dns zone file,
> >deleting the journal file, even deleting the zone file.
> >The offending entry keeps returning!
> >
> >I'm not a Windows expert and would be grateful if someone
> >could point me in the right direction.  No DNS server runs
> >on the Windows servers but WINS does (in what I'm told is
> >a restricted fashion).  What service is responsible for
> >sending the updates?  Is it Active Directory as I believe or
> >some other service?
>
> Yes, there's a DNS server running on the Windows server.  Open up DNS
> Manager, click right on the zone, and select Properties.  You should find a
> Nameservers tab in there to configure the NS records.
>
> The DNS server is not BIND, it's Microsoft's DNS server that implements
> Active Directory.  So if you need further assistance, it's off-topic for
> this group; you should ask in a Microsoft group.
>
> -- 
> Barry Margolin, barry.margolin at level3.com
> Level(3), Woburn, MA
> *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
> Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
>
>
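
One way to do the "track down the machine" step from suggestion 2, as an added example that is not part of the original message: scan the name server's update log for dynamic updates that touch NS records in the zone and group them by client address. The log line layout is an assumption (it follows what newer BIND 9 releases write for dynamic updates), and the zone name, addresses and log lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample log lines (not from the original thread). The layout is an
# assumption: it follows what newer BIND 9 releases write for dynamic updates.
SAMPLE_LOG = """\
12-Nov-2003 09:14:02.113 update: info: client 192.0.2.10#1047: updating zone 'corp.example/IN': adding an RR at '_ldap._tcp.corp.example' SRV
12-Nov-2003 09:14:02.120 update: info: client 192.0.2.10#1047: updating zone 'corp.example/IN': adding an RR at 'dc1.corp.example' A
12-Nov-2003 09:20:41.551 update: info: client 192.0.2.77#1391: updating zone 'corp.example/IN': adding an RR at 'corp.example' NS
12-Nov-2003 09:21:10.004 update: info: client 192.0.2.77#1391: updating zone 'corp.example/IN': deleting rrset at 'corp.example' NS
12-Nov-2003 09:35:41.902 update: info: client 192.0.2.77#1402: updating zone 'corp.example/IN': adding an RR at 'corp.example' NS
12-Nov-2003 09:40:00.000 update: error: client 192.0.2.99#2001: update 'corp.example/IN' denied
"""

# Captures the sending client, the zone, the update action, the owner name and
# the record type. Lines that are not applied updates (e.g. denials) do not match.
UPDATE_RE = re.compile(
    r"client (?P<ip>[0-9a-fA-F.:]+)#\d+.*?: updating zone '(?P<zone>[^'/]+)/IN': "
    r"(?P<action>adding an RR|deleting rrset|deleting an RR) "
    r"at '(?P<name>[^']+)' (?P<rtype>\S+)"
)


def ns_update_sources(log_text, zone):
    """Return {client_ip: [(action, owner_name), ...]} for NS updates in zone."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = UPDATE_RE.search(line)
        if m and m["zone"] == zone and m["rtype"].upper() == "NS":
            hits[m["ip"]].append((m["action"], m["name"]))
    return dict(hits)


if __name__ == "__main__":
    # Each address printed here is a machine to inspect, per suggestion 2.
    for ip, events in ns_update_sources(SAMPLE_LOG, "corp.example").items():
        print(ip, len(events), "NS update(s):", events)
```

An address that keeps re-adding the NS record after it is deleted, as 192.0.2.77 does in the constructed sample, is the host to check first.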



