Bind9 DLZ not resolving _ldap._tcp.dom.tld?

Gémes Géza geza at kzsdabas.hu
Fri Oct 28 12:32:06 MDT 2011


On 2011-10-28 19:42, Michael Croes wrote:
>
> Hi,
>
> I actually used your example, however that doesn't work for me with
> bind 9.9.0. That actually makes sense, because it reduces the amount
> of unnecessary lookups. Anyway it's hereby somewhat documented.
> Regards,
>
> Michael
>
> On 28 Oct 2011 19:15, "Gémes Géza" <geza at kzsdabas.hu> wrote the following:
>
>     On 2011-10-28 16:26, Michael Croes wrote:
>     > Dear list,
>     >
>     > I solved the 'issue', so here is the 'solution' for future reference:
>     >
>     > The dlz line in named.conf needs to contain the dns zone name, not
>     > just any string.
>     >
>     > Regards,
>     >
>     > Michael
>     >
>     > 2011/10/28 Michael Croes <mycroes at gmail.com>:
>     >> Dear list,
>     >>
>     >> Sorry for my ignorance, it's not just _ldap._tcp.dom.tld that's not
>     >> working, but everything in .dom.tld. Is there any way to get more
>     >> information from the dlz_bind9 module? I'm under the impression Bind
>     >> isn't using it at all (it is loading it according to the log).
>     >> Regards,
>     >>
>     >> Michael
>     >>
>     >> 2011/10/28 Michael Croes <mycroes at gmail.com>:
>     >>> Dear list,
>     >>>
>     >>> I just upgraded to Samba 4 alpha 17 and bind 9.9.0 and configured bind
>     >>> to use the DLZ module. Resolving of the primary DC works, but I can't
>     >>> resolve _ldap._tcp.dom.tld (SRV) or _kerberos.dom.tld (TXT). Is this
>     >>> somehow intended?
>     >>> Regards,
>     >>>
>     >>> Michael
>     >>>
>     IMHO you should have had some other misconfiguration, in my test domain
>     (with a working bind 9.8.1) my zone declaration looks like:
>
>     dlz "AD DNS Zone" {
>        database "dlopen /usr/local/samba/modules/bind9/dlz_bind9.so";
>     };
>
>     I wouldn't call "AD DNS Zone" a real zone name.
>
>     Cheers
>
>     Geza
>
If I were you I would look up the bind 9.8->9.9 changelog, if that
gives no results I would ask the bind people about what changes would
have gone undocumented. It seems that the bind changes could be the
cause of the differences.

Cheers

Geza

