Delegate from BIND to Windows 2003 DNS (AD Zone)
FabriceR
nospam at spam.net
Tue Apr 12 17:10:39 UTC 2005
Hello,

I have BIND DNS (8.3.3-REL-NOESW) for my company and we'll install a
Windows 2003 AD with DNS. Our plan is:
* Keep our clients on BIND DNS (compagny.fr)
* Create the 2003 AD zone DNS (ad.compagny.fr)
* Delegate ad to 2003 DNS (the DC machine) in BIND

To do this, I created a stub zone in BIND DNS which points to the 2
2003 DCs. The creation is OK and I can query BIND DNS for the NS records for
ad.compagny.fr (and the associated A records).

When I try a query (other than NS) for the ad.compagny.fr domain on
BIND DNS, I get an error.

I suppose the problem is that Windows 2003 AD DNS has multiple masters.
Each DC is master for the zone and each DC gives an SOA with its own name (cf.
the "host -C" output at the end).

Hope you have some links or hints.

Best regards,
FabriceR

$ dig NS ad.compagny.fr
; <<>> DiG 9.2.1 <<>> NS ad.compagny.fr
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14691
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;ad.compagny.fr. IN NS
;; ANSWER SECTION:
ad.compagny.fr. 3600 IN NS dc2.ad.compagny.fr.
ad.compagny.fr. 3600 IN NS dc1.ad.compagny.fr.
;; ADDITIONAL SECTION:
dc2.ad.compagny.fr. 3600 IN A 192.168.7.27
dc1.ad.compagny.fr. 3600 IN A 192.168.7.17
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Apr 12 15:57:13 2005
;; MSG SIZE rcvd: 114
$
$ dig @dc1.ad.compagny.fr. SOA ad.compagny.fr
; <<>> DiG 9.2.1 <<>> @dc1.ad.compagny.fr. SOA ad.compagny.fr
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14064
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;ad.compagny.fr. IN SOA
;; ANSWER SECTION:
ad.compagny.fr. 3600 IN SOA dc1.ad.compagny.fr. hostmaster. 900 900 600 86400 3600
;; ADDITIONAL SECTION:
dc1.ad.compagny.fr. 3600 IN A 192.168.7.17
;; Query time: 0 msec
;; SERVER: 192.168.7.17#53(dc1.ad.compagny.fr.)
;; WHEN: Tue Apr 12 15:57:37 2005
;; MSG SIZE rcvd: 107
$
$ more /etc/bind/named.conf
...
// Zone ad
zone "ad.compagny.fr" IN {
type stub;
file "/etc/bind/db.ad.compagny.fr";
masters { 192.168.7.27; 192.168.7.27; };
};
...
$
$ host -C ad.compagny.fr.
ad.compagny.fr NS dc1.ad.compagny.fr
dc1.ad.compagny.fr hostmaster (900 900 600 86400 3600)
!!! ad.compagny.fr SOA hostmaster hostmaster has illegal mailbox
!!! ad.compagny.fr SOA expire is less than 1 week (1 day)
ad.compagny.fr NS dc2.ad.compagny.fr
dc2.ad.compagny.fr hostmaster (900 900 600 86400 3600)
*** dc2.ad.compagny.fr and dc1.ad.compagny.fr have different primary for ad.compagny.fr
$
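
The checks behind the three `host -C` warnings above can be reproduced from the SOA fields alone. The following Python is an added example, not part of the original post: it parses dig-style SOA answer lines (the dc1 line is from the post, the dc2 line is constructed from the `host -C` output) and compares them across servers. The function names, the extra serial comparison and the rule that a mailbox needs at least two labels are assumptions.

```python
from collections import namedtuple

SOA = namedtuple("SOA", "zone mname rname serial refresh retry expire minimum")
ONE_WEEK = 7 * 24 * 3600

# SOA answer per name server. dc1's line is from the post's dig output;
# dc2's line is constructed from the values printed by `host -C`.
_TAIL = " hostmaster. 900 900 600 86400 3600"
SAMPLE = {
    "dc1.ad.compagny.fr.": "ad.compagny.fr. 3600 IN SOA dc1.ad.compagny.fr." + _TAIL,
    "dc2.ad.compagny.fr.": "ad.compagny.fr. 3600 IN SOA dc2.ad.compagny.fr." + _TAIL,
}


def parse_soa(line):
    """Parse one dig-style SOA answer line (name ttl IN SOA rdata...)."""
    f = line.split()
    if len(f) != 11 or f[2].upper() != "IN" or f[3].upper() != "SOA":
        raise ValueError("not an SOA answer line: %r" % line)
    return SOA(f[0].lower(), f[4].lower(), f[5].lower(), *map(int, f[6:11]))


def check_zone(answers):
    """Return warnings for per-server SOA answers, similar to `host -C`."""
    soas = {ns: parse_soa(line) for ns, line in answers.items()}
    warnings = []
    for ns, soa in sorted(soas.items()):
        # Assumption: a usable mailbox is user.domain, so at least two labels.
        if len([label for label in soa.rname.split(".") if label]) < 2:
            warnings.append("%s: SOA mailbox %s is not user.domain" % (ns, soa.rname))
        if soa.expire < ONE_WEEK:
            warnings.append("%s: SOA expire %ds is less than 1 week" % (ns, soa.expire))
    # As the post describes, each DC names itself as primary (MNAME).
    primaries = {soa.mname for soa in soas.values()}
    if len(primaries) > 1:
        warnings.append("different primary: " + ", ".join(sorted(primaries)))
    # Added check: servers disagreeing on the serial hold different zone data.
    serials = {soa.serial for soa in soas.values()}
    if len(serials) > 1:
        warnings.append("serial mismatch: " + ", ".join(map(str, sorted(serials))))
    return warnings


if __name__ == "__main__":
    for warning in check_zone(SAMPLE):
        print(warning)
```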