Difference between BIND and Windows AD DNS

Chris Buxton cbuxton at menandmice.com
Tue Mar 4 22:40:57 UTC 2008

The IP address of the server shown in the SRV record should be  
returned in the Additional section of the response. If you do not see  
it there, you should verify two things:

1. Does the server's name exist in a zone for which the BIND server is  
2. Do you have additional-from-auth turned off in the options  
statement of your named.conf?

As a test, I created a zone named "test.zone.". In that zone, I  
created an SRV record that refers to a hostname in the zone, and I  
also created the hostname. The results of a dig query:

$ dig @localhost _ldap._tcp.test.zone srv

; <<>> DiG 9.4.1-P1 <<>> @localhost _ldap._tcp.test.zone srv
; (3 servers found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61995
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;_ldap._tcp.test.zone.		IN	SRV

_ldap._tcp.test.zone.	172800	IN	SRV	0 0 389 fred.test.zone.

test.zone.		172800	IN	NS	localhost.

fred.test.zone.		172800	IN	A

;; Query time: 0 msec
;; WHEN: Tue Mar  4 14:38:51 2008
;; MSG SIZE  rcvd: 116

I'm using BIND 9.4.1-P1 in my testing lab.

Chris Buxton
Professional Services
Men & Mice
Address: Noatun 17, IS-105, Reykjavik, Iceland
Phone:   +354 412 1500
Email:   cbuxton at menandmice.com


On Mar 4, 2008, at 2:16 PM, Traynham.Ken at epamail.epa.gov wrote:

> I have noticed that our BIND servers do not return IP addresses in
> response to an SRV query as the Windows AD DNS servers do for the same
> query.  Is there a way to make them do this?  The AD zones are
> transferred in from the AD DNS servers, so they should be working with
> the same zone information.
> Thanks,
> Ken Traynham
> 919-767-7059
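
Added example, not part of the original thread or of BIND: a small Python check that reads dig output and lists SRV targets whose A/AAAA record is absent from the ADDITIONAL section, which is the symptom discussed above. The sample output, the host barney.test.zone., the address 192.0.2.10 and the function names are constructed for illustration.

```python
import re

# Constructed sample (not from the thread): dig output for an SRV query in
# which only one of two SRV targets has an address in the ADDITIONAL section.
SAMPLE = """\
;; ANSWER SECTION:
_ldap._tcp.test.zone.   172800  IN  SRV  0 0 389 fred.test.zone.
_ldap._tcp.test.zone.   172800  IN  SRV  0 0 389 barney.test.zone.

;; AUTHORITY SECTION:
test.zone.              172800  IN  NS   localhost.

;; ADDITIONAL SECTION:
fred.test.zone.         172800  IN  A    192.0.2.10
"""

def parse_sections(text):
    """Group the resource-record lines of dig output by section name."""
    sections, current = {}, None
    for line in text.splitlines():
        header = re.match(r";; (\w+) SECTION:", line)
        if header:
            current = header.group(1)
            sections[current] = []
        elif current and line.strip() and not line.startswith(";"):
            # Fields: name, ttl, class, type, rdata...
            sections[current].append(line.split())
    return sections

def srv_targets_missing_address(text):
    """Return SRV targets in ANSWER with no A/AAAA record in ADDITIONAL."""
    sections = parse_sections(text)
    # An SRV record has 8 fields; the target host is the last one.
    targets = {rr[-1].lower() for rr in sections.get("ANSWER", [])
               if len(rr) >= 8 and rr[3] == "SRV"}
    # Only count address records that actually carry an address field.
    resolved = {rr[0].lower() for rr in sections.get("ADDITIONAL", [])
                if len(rr) >= 5 and rr[3] in ("A", "AAAA")}
    return sorted(targets - resolved)

if __name__ == "__main__":
    for name in srv_targets_missing_address(SAMPLE):
        print("no address in ADDITIONAL for", name)
```

Running the same query against the BIND server and the AD DNS server and passing each output to srv_targets_missing_address() shows which targets only one of them resolves in the Additional section.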
