Supporting domaindnszones forestdnszones in Active Directory

Martin McCormick martin at dc.cis.okstate.edu
Wed Jul 7 21:44:13 UTC 2004


	One of the models for supporting Microsoft Active Directory
with bind is to create 6 zones of the form _msdcs.ad.my.domain,
_sites.ad.my.domain, etc.  I am looking at the zone file from a
running MS DNS and most of it fits right in to the way DNS and BIND
4th Edition describes it as well as some helpful souls on this list
who had related their experiences.  One thing confuses me, however,
and I must figure it out if we are to begin providing service for our
AD environment.

	I defined two more zones called

_domaindnszones.ad.my.domain and _forestdnszones.ad.my.domain but when 
I look at the actual zone transfer output, I see something like:

DomainDnsZones.ad.my.domain. 600 IN	A	169.254.241.253

_ldap._tcp.OZX._sites.DomainDnsZones.ad.my.domain. 600 IN SRV	0 100 389 OZXdc02.ad.my.domain.

	It looks like there are a bunch of records in the domain
domaindnszones.ad.my.domain.  I do not see the word forest anywhere in
any form in the zone so I assume this server isn't using that domain.

	The question is whether or not there needs to be an underscore _
in that name like the 4 Windows 2000 zones or not?
I certainly thought there was supposed to be one, but all the records
for that domain have none.  The domain simply reads
domaindnszones.ad.my.domain.

	Is there a problem with the MS DNS or should I set up
domaindnszones and forestdnszones sans _?

	I am writing a shell script to filter out all those zones from
the ad.my.domain zone and, of course, the bind dns must be looking for
the right record names for it to work with those 2 Windows 2003 zones.

Thank you

Martin McCormick 405 744-7572   Stillwater, OK
Information Technology Division
Network Operations Group
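
An added example, not part of the original post: one way to do the filtering step the message describes, by tagging each zone-transfer record with the label that sits directly below the parent zone, exactly as it is spelled in the data. The function names are hypothetical, input is assumed to be one record per line, and the sample records are constructed from the two shown above plus two made-up ones.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Assumes one record per line with the owner name as the first field.

# Constructed sample: lines 2-3 reuse the records quoted in the post,
# the others are made up for illustration.
sample_axfr() {
    cat <<'EOF'
ad.my.domain. 600 IN A 169.254.241.253
DomainDnsZones.ad.my.domain. 600 IN A 169.254.241.253
_ldap._tcp.OZX._sites.DomainDnsZones.ad.my.domain. 600 IN SRV 0 100 389 OZXdc02.ad.my.domain.
_ldap._tcp.OZX._sites.ad.my.domain. 600 IN SRV 0 100 389 OZXdc02.ad.my.domain.
_ldap._tcp.dc._msdcs.ad.my.domain. 600 IN SRV 0 100 389 OZXdc02.ad.my.domain.
EOF
}

# child_zone_of PARENT: prefix every record with "<label>\t", where <label> is
# the label immediately left of PARENT ("@" for the apex). Matching is
# case-insensitive, as DNS names are, but the label is printed as it appears.
child_zone_of() {
    awk -v parent="$1" '
    BEGIN { apex = tolower(parent) "."; suffix = "." apex }
    NF == 0 || /^;/ { next }                      # skip blanks and comments
    {
        owner = tolower($1)
        if (owner == apex) { print "@\t" $0; next }
        n = length(owner) - length(suffix)
        if (n < 1 || substr(owner, n + 1) != suffix) next   # not below PARENT
        k = split(substr($1, 1, n), labels, ".")
        print labels[k] "\t" $0
    }'
}

# records_for_child PARENT LABEL: only the records that belong under LABEL.PARENT.
# A plain grep for "_sites" would also catch _sites.DomainDnsZones records,
# which belong to the DomainDnsZones subzone; this does not.
records_for_child() {
    child_zone_of "$1" | awk -v want="$2" '{
        tag = $0; sub(/\t.*/, "", tag)
        if (tolower(tag) == tolower(want)) { sub(/^[^\t]*\t/, ""); print }
    }'
}

sample_axfr | child_zone_of ad.my.domain
```

The first column of the output is the subzone name to delegate, spelled the way the transfer spells it.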

