Hi
I have an existing OSX 10.3.8 server serving 100+ Mac and Windows machines on a network.
The Mac server runs AFP, DHCP, DNS, NetBoot, NFS, OpenDirectory, MacManager (for OS9 clients) and Windows services.
My named.conf file:
// Declares control channels to be used by the rndc utility.
// It is recommended that 127.0.0.1 be the only address used.
// This also allows non-privileged users on the local host to manage
// your name server.
//
controls {
inet 127.0.0.1 port 54 allow {any; };
};
options {
directory "/var/named";
forwarders {
172.18.0.121;
172.18.0.122;
};
allow-transfer {none;};
recursion true;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
zone "." IN {
type hint;
file "named.ca";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "0.0.127.in-addr.arpa.zone";
allow-update { none; };
};
zone "mitcham.sch" IN {
file "mitcham.sch.zone";
type master;
};
zone "128.71.10.in-addr.arpa." IN {
file "128.71.10.in-addr.arpa..zone";
type master;
};
zone "DNS" IN {
forwarders {
172.18.0.121;
172.18.0.122;
};
type forward;
};
logging {
channel _default_log {
file "/Library/Logs/named.log";
severity info;
print-time yes;
};
category default {
_default_log;
};
};
I have a Windows 2003 server on the network serving terminal services. I have joined the win2k3 box to the domain controlled by the Mac server. Clients can log into the terminal server using domain accounts; it authenticates against the Mac server, they get their home drive mounted, etc.
My Problem:
I would like to set the terminal server up so that the PCs on the network get group policy settings from the win2k3 server, since OSX servers cannot serve group policies.
I assume the first step is to add the Active Directory role to the win2k3 server and set it as an additional domain controller.
When I attempt to run the Active Directory installation wizard, I receive the following error when I enter the "network credentials" section of the wizard:
The domain name MITCHAM might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.
If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain MITCHAM:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.MITCHAM
Common causes of this error include the following:
- The DNS SRV records required to locate a domain controller for the domain are not registered in DNS. These records are registered with a DNS server automatically when a domain controller is added to a domain. They are updated by the domain controller at set intervals. This computer is configured to use DNS servers with following IP addresses:
10.71.128.51
- One or more of the following zones do not include delegation to its child zone:
MITCHAM
. (the root zone)
For information about correcting this problem, click Help.
Is what I'm attempting to do even possible, or is it a case of my DNS settings being incomplete? Do I have to be running 10.3.9 server or even 10.4 server?
I am not interested in managing user or computer domain accounts from the Windows server - I just would like to be able to serve group policies.
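
The lookup reported in the wizard error above, reproduced as an added example that is not part of the original post: it builds the SRV query for `_ldap._tcp.dc._msdcs.MITCHAM`, reads the RCODE from a reply, and shows that DNS RCODE 3 (NXDOMAIN) is what Windows reports as 0x0000232B (9003). The function names are hypothetical and the reply bytes are constructed for illustration; `query_server` sends the same query to a real server such as the 10.71.128.51 named in the error.

```python
import socket
import struct

SRV, IN = 33, 1  # DNS record type SRV (RFC 2782), class IN
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def dc_locator_name(domain):
    # The name the wizard says it queried: _ldap._tcp.dc._msdcs.<domain>
    return "_ldap._tcp.dc._msdcs." + domain.rstrip(".")

def encode_name(name):
    # DNS wire format: length-prefixed labels, terminated by the root label.
    out = b""
    for label in name.split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_srv_query(name, txid=0x1234):
    # Header: id, flags (recursion desired), QDCOUNT=1, other counts 0.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", SRV, IN)

def parse_header(msg):
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "is_response": bool(flags & 0x8000),
            "rcode": flags & 0x000F, "answers": an}

def windows_error(rcode):
    # Windows reports DNS RCODEs 1-5 as error 9000 + rcode (9003 = 0x232B).
    return 9000 + rcode if 1 <= rcode <= 5 else 0

def constructed_nxdomain_reply(query):
    # Constructed sample reply: same message with QR|RD|RA set and RCODE 3.
    return query[:2] + struct.pack("!H", 0x8183) + query[4:]

def query_server(server, name, timeout=3.0):
    # Send the query over UDP port 53 and return the raw reply bytes.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_srv_query(name), (server, 53))
        return s.recvfrom(512)[0]

def diagnose(domain, reply):
    rcode = parse_header(reply)["rcode"]
    return "%s: %s (0x%08X)" % (dc_locator_name(domain),
                                RCODES.get(rcode, "?"), windows_error(rcode))
```
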