Domain controller unable to dynamically add/update PTR record
Kevin Darcy
kcd at daimlerchrysler.com
Tue Jan 25 01:38:42 UTC 2005
Smith, William E. (Bill), Jr. wrote:
>In our environment, we have allowed Windows domain controllers to
>dynamically update their A & PTR records within the Windows only
>domains. I'm currently troubelshooting a problem where a couple DC's
>register their A records fine but fail when trying to do their PTR
>records. After sifting through the various server logs, I came across
>the following error which I believe is at the core of the problem since
>I had a Windows admin do an ipconfig /registerdns on the DC to force it
>to re-register its records and noted that this error appeared within
>seconds after that attempt.
>update.log:Jan 24 11:45:24.901 info: client 128.244.198.27#2772:
>updating zone '
>dom1.jhuapl.edu/IN': update failed: 'RRset exists (value dependent)'
>prerequisit
>e not satisfied (NXRRSET)
>
>While it's clear that the problem is related to a prerequisite not being
>met, it's not clear to me what exact prerequisite has failed to be
>satisifed. Can anyone shed any light here? I know this is a common
>problem with DHCP clients but DHCP is not involved here. FWIW, the
>primary DNS server where these updates are coming into is a QIP DNS
>server. I'll provide any further info as needed/requested.
>
Hmmm... That's a failure of the *forward* update, because it would have
been redundant (value-dependent NXRRSET). My guess would be that
occurred when you manually did "ipconfig /registerdns" after the
original failure, because, as you said, the forward update worked on the
original try, just not the reverse update.
As for the root cause of why the reverse-record updates are failing, I
would check the usual suspects, e.g. the appropriate allow-update
statement on the reverse zone, correct info in the SOA record of the
reverse zone, etc. What happens if you try to add a record to that zone
via nsupdate?
- Kevin
More information about the bind-users
mailing list