Problems Resolving Active Directory Entries
Ronan Flood
ronan at noc.ulcc.ac.uk
Fri Dec 10 15:22:00 UTC 2004
On Thu, 9 Dec 2004 15:41:42 -0500,
Jiann-Ming Su <sujiannming at gmail.com> wrote:
> [ns-master]$ dig _TCP.ad.mydomain.bogus. -t SOA
>
> ; <<>> DiG 9.2.2 <<>> _TCP.ad.mydomain.bogus. -t SOA
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36824
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
It has agreed to recurse for your query, done the lookup, and found
no answer.
> Notice that nothing returns. But, if I specify the localhost to query:
>
> [ns-master]$ dig @127.0.0.1 _TCP.ad.mydomain.bogus. -t SOA
>
> ; <<>> DiG 9.2.2 <<>> @127.0.0.1 _TCP.ad.mydomain.bogus. -t SOA
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18235
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
It refused to recurse and instead returned a referral.
Do you have an allow-recursion option in your named.conf?
> ;; QUESTION SECTION:
> ;_TCP.ad.mydomain.bogus. IN SOA
>
> ;; AUTHORITY SECTION:
> _TCP.ad.mydomain.bogus. 86400 IN NS dc1.ad.mydomain.bogus.
> _TCP.ad.mydomain.bogus. 86400 IN NS dc2.ad.mydomain.bogus.
>
> ;; ADDITIONAL SECTION:
> dc1.ad.mydomain.bogus. 86400 IN A 192.168.209.166
> dc2.ad.mydomain.bogus. 86400 IN A 192.168.209.167
What do you get if you query dc1.ad and dc2.ad directly? For example
[ns-master]$ dig @192.168.209.166 _TCP.ad.mydomain.bogus. -t SOA +norec
--
Ronan Flood <R.Flood at noc.ulcc.ac.uk>
working for but not speaking for
Network Services, University of London Computer Centre
(which means: don't bother ULCC if I've said something you don't like)
More information about the bind-users
mailing list