axl13

asked on

Getting UNIX BIND master to Notify Windows 2003 AD Master

Our Windows AD server has about 2000 fewer A records than our Primary Bind... Seems AD is not getting the updates from Bind
Chris Dent


The zone on the AD server is Secondary?

Does Transfer from Master actually work?

Chris
axl13

ASKER

No, they set it up as a Master also

Then it stands no chance.

Except for AD Integrated zones there's no multi-master model in DNS (with replication).  AD Integrated can only be hosted on AD Domain Controllers.

If you must use BIND for clients you cannot use the AD Integrated zones or any other Primary zone. All servers and clients should refer to the BIND server, no point in referring to the AD servers as you cannot update via a Secondary.

Personally I recommend you do away with BIND for the AD zone. Host that on the AD servers, and forward to the BIND server for internet resolution and anything else (if required). Have all clients use the AD servers in their TCP/IP configuration to ensure updates go smoothly.

Presumably you have more than one Domain Controller so providing fault tolerance on DNS services for clients is simple?

Chris
axl13

ASKER

At one point this must have worked because they have 13000+ A records. Can't they be secondary to the bind servers and master to their AD servers???
ASKER CERTIFIED SOLUTION
Chris Dent
axl13

ASKER

We have 4 Bind Servers and 1 AD server... 3 Bind servers are secondaries to 1 bind server. The 3 Secondary Bind servers have _ zones for the AD server. The 1 Master Bind server is set, or at least I think it is, to notify the AD server of any changes... So from what you have mentioned, because the AD server thinks it is the master zone, it will not accept the notifies from the BIND server... So, unless we make the AD server a slave to BIND, the updates will not take place???
 

Correct, Notify only has a place when a Primary wants to notify a Secondary.

Two Primary servers cannot replicate outside of AD Integrated zones, which hold the zone file in AD and use AD replication rather than any kind of replication on the DNS level.

Chris
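
Added example, not part of the thread: a BIND 9 `named.conf` zone statement for the arrangement described above, where the BIND server is the Primary and sends NOTIFY to the AD DNS server. It assumes the zone on the Windows server has been recreated as a Secondary that lists the BIND server as its master; the zone name, file name and all addresses are constructed placeholders.

```conf
// Constructed example: every name and address below is a placeholder.
// Servers permitted to pull the zone from this Primary.
acl "zone-secondaries" {
    192.0.2.11;    // BIND secondary 1
    192.0.2.12;    // BIND secondary 2
    192.0.2.13;    // BIND secondary 3
    192.0.2.53;    // Windows 2003 DNS server, holding the zone as a Secondary
};

zone "corp.example.com" {
    type master;
    file "db.corp.example.com";

    // NOTIFY goes to the servers in the zone's NS records when the zone changes.
    notify yes;

    // Also notify the Windows server if it has no NS record in the zone.
    also-notify { 192.0.2.53; };

    // Limit zone transfers to the known secondaries rather than any client.
    allow-transfer { "zone-secondaries"; };
};
```

NOTIFY is only a prompt: the Secondary still compares the SOA serial and pulls the zone by transfer, so the serial must increase on every change and the transfer must be permitted from the Secondary's address.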
axl13

ASKER

How do I find out what version of BIND I am running?

Should (hopefully) be able to do:

named -v

If it's not in an existing system path you'll have to use the full path to get that.

Chris