BIND DNS server setup for W2K8 AD Domain

    Question

  • I am forced to use our existing BIND DNS servers and add the records required to support my domain.  Here is the output from running dcdiag /test:dns:

    TEST: Records registration (RReg)
                      Network Adapter [00000012] Intel(R) PRO/1000 MT Network Connection:
                         Error: Missing CNAME record at DNS server a.b.c.d:
                         c3815686-4186-41c8-a264-e7a53e7e0e55._msdcs.domainname.com
                        
                         Error: Missing GC SRV record at DNS server a.b.c.d:
                         _ldap._tcp.gc._msdcs.domainname.com

    Here is what the current config looks like:

    ad2.domainname.com.    A 10.10.10.100
    _ldap._tcp.domainname.com.   SRV 0 0 389 ad2.domainname.com.
    _kerberos._tcp.domainname.com.   SRV 0 0 88 ad2.domainname.com.
    _ldap._tcp.dc._msdcs.domainname.com.  SRV 0 0 389 ad2.domainname.com.
    _kerberos._tcp.dc._msdcs.domainname.com. SRV 0 0 88 ad2.domainname.com.

    Thanks.

    Wednesday, August 18, 2010 4:58 PM

Answers

All replies

  • You are clearly missing a number of DNS records (including the ones indicated by DCDIAG).

    For the full list, refer to http://technet.microsoft.com/en-us/library/cc759550(WS.10).aspx (SRV Records Registered by Netlogon section)

    hth
    Marcin

    • Proposed as answer by Thomas Wimprine Friday, August 20, 2010 3:12 AM
    • Marked as answer by Bruce-Liu Wednesday, August 25, 2010 2:42 AM
    Wednesday, August 18, 2010 5:13 PM
  • Hello,

    Your DC hasn’t registered its CNAME record on the specified DNS server.

    Regards,

    Wednesday, August 18, 2010 10:05 PM
  • You could also configure your BIND server to allow for dynamic update. You would need to update the conf file (named.conf normally) for dynamic updates from whatever subnet your domain controllers are on.

    This would probably be the better solution, since you will not need to maintain the server records if anything changes in the environment, such as Global Catalog servers, adding or removing sites or DCs, changing master roles, etc., and lots of other small things that people tend to forget are actually kept in DNS.

    Here's an older article from TechNet that I think will help out - http://technet.microsoft.com/en-us/library/dd316373.aspx#ECAA

    Thomas

    • Edited by Thomas Wimprine Thursday, August 19, 2010 12:00 AM Added information
    • Proposed as answer by Thomas Wimprine Friday, August 20, 2010 3:11 AM
    Wednesday, August 18, 2010 10:29 PM
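
One way to scope the dynamic-update suggestion above, as an added example that is not from the thread or the linked TechNet article: instead of opening the whole zone to a subnet, accept updates only in the underscore subzones (_msdcs, _sites, _tcp, _udp) that hold the DC locator records, including the two dcdiag reported missing, and only from the DC addresses. The ACL name, the file paths and the 10.10.10.0/24 subnet are assumptions.

```conf
// Added example. The ACL name and file paths are assumptions; 10.10.10.100
// is ad2.domainname.com from the question. named needs write access to the
// directory holding the dynamic zone files and their .jnl journals.
acl "ad-dcs" { 10.10.10.100; };    // one entry per DC, not the whole subnet

// Broad form: every host on the subnet can rewrite any record in the zone.
// zone "domainname.com" {
//     type master;
//     file "dynamic/domainname.com.db";
//     allow-update { 10.10.10.0/24; };
// };

// Narrower form: the parent zone stays static and hand-maintained. It needs
// NS records delegating the four subzones below to this server.
zone "domainname.com" {
    type master;
    file "master/domainname.com.db";
    allow-update { none; };
};

// Only the AD locator subzones accept updates, and only from the DCs.
zone "_msdcs.domainname.com" {
    type master;
    file "dynamic/_msdcs.domainname.com.db";
    allow-update { "ad-dcs"; };
    // gc._msdcs is an A record whose owner name has an underscore label,
    // which the default master-zone name check rejects.
    check-names ignore;
};
zone "_sites.domainname.com" {
    type master;
    file "dynamic/_sites.domainname.com.db";
    allow-update { "ad-dcs"; };
};
zone "_tcp.domainname.com" {
    type master;
    file "dynamic/_tcp.domainname.com.db";
    allow-update { "ad-dcs"; };
};
zone "_udp.domainname.com" {
    type master;
    file "dynamic/_udp.domainname.com.db";
    allow-update { "ad-dcs"; };
};
```

With this layout the static SRV records shown in the question move into the `_tcp` and `_msdcs` zone files, and host A records such as ad2.domainname.com remain static entries in the parent zone. An address ACL filters on source IP only, so keep the DC list exact.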