Confusing Log message

Barry Margolin barmar at alum.mit.edu
Thu May 6 00:28:13 UTC 2004


In article <c7bkjt$1f3f$1 at sf1.isc.org>,
 "Michael Barber" <mikeb at comcity.com> wrote:

> Can someone tell me what the meaning of this log message is:
> 
> denied query from [204.127.202.36].53 for "_ldap._tcp.
> Default-First-Site-Name._sites.dc._msdcs.wvms.com" SRV/IN
> 
> What does this mean: Default-First-Site-Name._sites.dc._msdcs.wvms.com"
> SRV/IN  ?  Should someone be jerking my name server around like this?

_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.wmvms.com is the 
name of a record that the device with IP address 204.127.202.36 was 
trying to look up, and it was trying to look up a record with type SRV.  
These are used by Microsoft Active Directory services as ways to find 
servers -- in this case, I presume it's trying to find an LDAP server on 
your network.  The component "Default-First-Site-Name" suggests that the 
machine is not properly configured with your site's Windows domain.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***


More information about the bind-users mailing list