No subject


Tue Apr 2 00:56:56 UTC 2013


of the SOA record in order for the Microsoft stuff to work. What you have there
now is "alderaan.". Since this is terminated with a dot, it is expected to be
in the *root* zone. Is there an "alderaan" name in the root zone? Presumably
not. Then how do you expect the Microsoft stuff to be able to make any sense
out of the name "alderaan."? You need to provide an A record for the name
"alderaan.empire.intranet.zone", and then either a) stop dot-terminating the
name in the MNAME field, or b) fully qualify *and* dot-terminate the
MNAME contents as "alderaan.empire.intranet.zone.".


-Kevin

Donnie Cranford wrote:

> Cricket,
>
> I have removed all instances of the Alderaan. and deathstar. entries and
> stopped and restarted named and this still does not seem to work.
>
> So all I have in the empire.intranet.zone file is
>
> $TTL 86400
>   @       IN      SOA  Alderaan.  postmaster.empire.intranet (
>                  10              ; Serial
>                  10800           ; Refresh
>                  3600            ; Retry
>                  604800          ; Expire
>                  86400           ; ttl
>   )
>
> ----------------------------------------------------------------------
>
> Then I stop and start named and dcpromo and I get the same error as
> before. Do I have to have an IN A entry to the Alderaan.empire.intranet. ?
>
> Thanks
>
> Donnie Cranford
>
> BTW I am testing this on Windows .Net server Beta 3 (I'm a beta tester)
>
> Cricket Liu wrote:
>
> >>I have read the MS setup for using Bind for the Domain controller's DNS, I
> >>have also read the article on BIND rejecting _msdcs transfers.
> >>The DNS nameserver is named Alderaan.empire.intranet on an internal
> >>192.168.1.102 address
> >>
> >>After putting all suggested configurations into place when I try to do a
> >>dcpromo and get to the part where it looks for the DNS I get :
> >>
> >>Diagnostic 1
> >>
> >>The wizard encountered an error while trying to determine if the DNS server
> >>with which this domain controller will register supports dynamic updates.
> >>
> >>For more information, including steps to correct this problem, see Help.
> >>
> >>Details
> >>
> >>The primary master DNS server tested was: Alderaan ()
> >>
> >>The zone was: empire.intranet
> >>
> >>The test for dynamic DNS update support returned:
> >>
> >>"DNS server failure."
> >>
> >>(error code 0x0000232A RCODE_SERVER_FAILURE)
> >>
> >>I did check my configuration to be sure that I allowed updates; following is
> >>my /etc/named.conf
> >>
> >>// BIND configuration file
> >>
> >>
> >>options {
> >>                directory "/var/named";
> >>};
> >>
> >>
> >>//#####################################################
> >>//           Information for empire.intranet
> >>//#####################################################
> >>zone "empire.intranet" in {
> >>   type master;
> >>   file "empire.intranet.zone";
> >>   allow-update { any; };
> >>};
> >>
> >
> > That's fine, though you might want to limit dynamic updates to the IP
> > address of the Domain Controller.
> >
> >
> >>$TTL 86400
> >>@       IN      SOA  Alderaan.  postmaster.empire.intranet (
> >>                10              ; Serial
> >>                10800           ; Refresh
> >>                3600            ; Retry
> >>                604800          ; Expire
> >>                86400           ; ttl
> >>                )
> >>
> >>;
> >>; Name Servers
> >>;
> >>
> >>        IN      NS      Alderaan.empire.intranet.
> >>        IN      NS      24.31.3.8
> >>
> >
> > NS records need domain names in their RDATA, not IP addresses.
> >
> >
> >>;
> >>; Addresses for canonical names ordered by IP Address
> >>;
> >>
> >>Alderaan.               IN      A       192.168.1.102
> >>
> >>kristen-xp.             IN      A       192.168.1.110
> >>
> >>deathstar.              IN      A       192.168.1.50
> >>
> >>Can someone explain why this isn't working?
> >>
> >>Is it a bug in .Net or in Bind?
> >>
> >
> > Neither.  Your zone data is messed up.  You seem to be using trailing
> > dots in some cases and omitting them in others.  In the NS record,
> > you call the name server alderaan.empire.intranet, but you have an
> > address record attached to just "alderaan."  That's not going to work.
> >
> > cricket
> >
> > Men & Mice
> > DNS Software, Training and Consulting
> > www.menandmice.com
> >
> > Attend our next DNS and BIND class!  See
> > http://www.menandmice.com/8000/8000_dns_training.html
> > for the schedule and to register for upcoming classes
> >
> >
>
> --
> ===========================
> Donnie Cranford
> Unix Systems Administrator
> ING Americas
> 612-342-7357
> ===========================
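
The trailing-dot mistakes discussed in this thread can be caught mechanically before loading the zone. The following is an added example, not code from any poster or from BIND: a small checker that applies the master-file qualification rule to a constructed copy of the zone data above. The names `qualify` and `lint` are hypothetical, and it assumes class IN, no per-record TTLs, and IPv4 only.

```python
import re

ORIGIN = "empire.intranet."   # zone name from the thread's named.conf
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}")
# Constructed sample: the zone data posted in the thread, SOA folded onto one line.
ZONE = """\
@  IN SOA Alderaan. postmaster.empire.intranet ( 10 10800 3600 604800 86400 )
   IN NS  Alderaan.empire.intranet.
   IN NS  24.31.3.8
Alderaan.   IN A 192.168.1.102
deathstar.  IN A 192.168.1.50
"""

def qualify(name, origin=ORIGIN):
    """Master-file rule: a trailing dot means absolute, otherwise append the origin."""
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def lint(zone_text, origin=ORIGIN):
    """Return a list of problem strings for the SOA/NS/address records in zone_text."""
    in_zone = lambda n: n == origin or n.endswith("." + origin)
    records, owner, problems = [], origin, []
    for line in zone_text.splitlines():
        line = line.split(";")[0]              # drop comments
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():              # a blank owner field inherits the previous owner
            owner = qualify(fields.pop(0), origin)
        fields = [f for f in fields if f.upper() != "IN"]
        records.append((owner, fields[0].upper(), fields[1:]))
    hosts = {o for o, t, _ in records if t in ("A", "AAAA") and in_zone(o)}
    for o, rtype, rdata in records:
        if not in_zone(o):
            problems.append(f"{o} {rtype}: owner is outside zone {origin}")
        if rtype not in ("NS", "SOA"):
            continue
        target = qualify(rdata[0], origin)     # SOA MNAME or NS target
        if IPV4.fullmatch(rdata[0]):
            problems.append(f"{rtype} {rdata[0]}: RDATA must be a domain name, not an IP address")
        elif target.count(".") == 1:
            problems.append(f"{rtype} target {target}: single label in the root zone")
        elif in_zone(target) and target not in hosts:
            problems.append(f"{rtype} target {target}: no address record in this zone")
    return problems

if __name__ == "__main__":
    print("\n".join(lint(ZONE)))
```

On the constructed sample it reports the root-zone MNAME, the NS target with no in-zone address, the IP address used as NS RDATA, and the two address records whose dot-terminated owners fall outside the zone.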



More information about the bind-users mailing list