Bind slave to Windows 2008 AD/DNS

bsfinkel at bsfinkel at
Tue Dec 8 16:29:54 UTC 2009

Jukka Pakkanen <jukka.pakkanen at> wrote:

>Thanks. Those 6 zones are subdomains to company.local so I guess they 
>are covered.  What about the, is that needed in

If the zone


is mastered on a MX Windows DNS Server, then that zone will contain
the records that would be found in the

zones.  Look at the full zone on the BIND slave server, and you should
see records like these:

     _kerberos._tcp          10M IN SRV      0 100 88 abcaddc0
     _kpasswd._tcp           10M IN SRV      0 100 464 abcaddc0
     _ldap._tcp              10M IN SRV      0 100 389 abcaddc0
     _kerberos._udp          10M IN SRV      0 100 88 abcaddc0
     _kpasswd._udp           10M IN SRV      0 100 464 abcaddc0

These are taken from a forward zone I have on an MS Windows DNS Server.
In all my other cases, the AD "_" zones are on Windows, while the
forward zone is on my BIND master, so I needed to add NS delegation
records for the six (or four) AD zones.
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 240, Room 5.B.8             Internet: BSFinkel at
Argonne, IL   60439-4828             IBMMAIL:  I1004994

More information about the bind-users mailing list