Windows 2003 AD

Norman Zhang norman.zhang at rd.arkonnetworks.com
Mon Sep 13 20:46:34 UTC 2004


Vinny Abello wrote:
> You're better off asking in a Windows 2003 group, but I can tell you the 
> reason is because your Windows machine is trying to do a secure dynamic 
> update and BIND doesn't understand it. This has nothing to do with rndc.
> 
> allow-update should have IP addresses in it, not a key file.

Thanks. I updated

allow-update { 10.1.1.0/24; };

now I get

The SOA query for _ldap._tcp.dc_msdcs.hq.arkonnetworks.com to find the 
primary DNS server returned:
This operation returned because timeout period expired. (error code: 
0x000005B4 "ERROR_TIMEOUT")

Should I do a CNAME for _ldap._tcp.dc_msdcs?

Regards,
Norman

> At 03:02 PM 9/13/2004, Norman Zhang wrote:
>> I'm trying to setup Windows 2003 AD with Bind 9.2.3-6mdk running on
>> Mandrake 10.0. But I get the following error message during setup for AD,
>>
>> The primary DNS server tested was: ns.hq.arkonnetworks.com (10.1.1.1)
>>
>> The zone was: hq.arkonnetworks.com
>>
>> The test fro dynamic DNS update support returned: "DNS bad key." (error
>> code 0x00002339 RCODE_BADKEY)
>>
>> In named.conf, I have
>>
>> zone "hq.arkonnetworks.com" {
>>    type master;
>>    file "db.hq.arkonnetworks.com";
>>    allow-update {key rndc.key; };
>> };
>>
>> Does this mean rndc.key is not recognized in Windows 20003? Is there a
>> way I can fix this?



More information about the bind-users mailing list