Migrate dns to bind
Taylor, Jonn
jonnt at taylortelephone.com
Wed Sep 4 15:19:45 CEST 2013
On 09/03/2013 09:42 PM, Amitay Isaacs wrote:
> Hi John,
>
> On Wed, Sep 4, 2013 at 2:49 AM, Jonn Taylor <jonnt at taylortelephone.com>
> wrote:
>
> I am having problems migrating away from the internal dns server.
> I have 2 win2k3 servers that I would like to make go away someday.
> My DC2 server is currently providing pdc, dhcp and dns. DC0 will
> be the final replacement.
>
> Is this problem caused by this bug?
> https://bugzilla.samba.org/show_bug.cgi?id=9210
>
> Sep 3 11:36:19 dc0 named[4401]: starting BIND
> 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6.3 -u named
> Sep 3 11:36:19 dc0 named[4401]: built with
> '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu'
> '--target=x86_64-redhat-linux-gnu' '--program-prefix='
> '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin'
> '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share'
> '--includedir=/usr/include' '--libdir=/usr/lib64'
> '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib'
> '--mandir=/usr/share/man' '--infodir=/usr/share/info'
> '--with-libtool' '--localstatedir=/var' '--enable-threads'
> '--enable-ipv6' '--with-pic' '--disable-static'
> '--disable-openssl-version-check' '--with-dlz-ldap=yes'
> '--with-dlz-postgres=yes' '--with-dlz-mysql=yes'
> '--with-dlz-filesystem=yes' '--with-gssapi=yes'
> '--disable-isc-spnego'
> '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets'
> '--enable-fixed-rrset' 'build_alias=x86_64-redhat-linux-gnu'
> 'host_alias=x86_64-redhat-linux-gnu'
> 'target_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall
> -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector
> --param=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS=
> -DDIG_SIGCHASE'
> Sep 3 11:36:19 dc0 named[4401]:
> ----------------------------------------------------
> Sep 3 11:36:19 dc0 named[4401]: BIND 9 is maintained by Internet
> Systems Consortium,
> Sep 3 11:36:19 dc0 named[4401]: Inc. (ISC), a non-profit
> 501(c)(3) public-benefit
> Sep 3 11:36:19 dc0 named[4401]: corporation. Support and
> training for BIND 9 are
> Sep 3 11:36:19 dc0 named[4401]: available at
> https://www.isc.org/support
> Sep 3 11:36:19 dc0 named[4401]:
> ----------------------------------------------------
> Sep 3 11:36:19 dc0 named[4401]: adjusted limit on open files from
> 4096 to 1048576
> Sep 3 11:36:19 dc0 named[4401]: found 1 CPU, using 1 worker thread
> Sep 3 11:36:19 dc0 named[4401]: using up to 4096 sockets
> Sep 3 11:36:19 dc0 named[4401]: loading configuration from
> '/etc/named.conf'
> Sep 3 11:36:19 dc0 named[4401]: reading built-in trusted keys
> from file '/etc/named.iscdlv.key'
> Sep 3 11:36:19 dc0 named[4401]: using default UDP/IPv4 port
> range: [1024, 65535]
> Sep 3 11:36:19 dc0 named[4401]: using default UDP/IPv6 port
> range: [1024, 65535]
> Sep 3 11:36:19 dc0 named[4401]: listening on IPv6 interface lo,
> ::1#53
> Sep 3 11:36:19 dc0 named[4401]: generating session key for
> dynamic DNS
> Sep 3 11:36:19 dc0 named[4401]: sizing zone task pool based on 1
> zones
> Sep 3 11:36:19 dc0 named[4401]: Loading 'AD DNS Zone' using
> driver dlopen
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: started for DN
> DC=taylortelephone,DC=com
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: starting configure
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable
> zone 'example.lan'
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable
> zone '198.89.70.in-addr.arpa'
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable
> zone '173.168.192.in-addr.arpa'
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable
> zone '183.168.192.in-addr.arpa'
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable
> zone '170.168.192.in-addr.arpa'
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable
> zone 'taylortelephone.com'
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable
> zone 'taylordatacom.com'
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable
> zone '_msdcs.taylortelephone.com'
> Sep 3 11:36:20 dc0 named[4401]: samba_dlz: Failed to configure
> zone 'taylortelephone.com'
> Sep 3 11:36:20 dc0 named[4401]: loading configuration: already exists
> Sep 3 11:36:20 dc0 named[4401]: exiting (due to fatal error)
>
>
> It does appear to be related. You seem to have the same zones defined
> both in DNS partitions and the domain partition. This will cause
> problems with the BIND DLZ module, as it will try to load zones from all DNS
> partitions and the domain partition (CN=MicrosoftDNS,CN=System subtree).
> A W2K3 server can maintain DNS information in two places if you have DNS
> partitions configured. Currently Samba does not support that.
>
> One option would be to remove duplicate DNS information and store the
> zones only in one place (preferably in DNS partitions). Then any of the
> DNS solutions (internal server or BIND DLZ) would work just fine.
>
> Amitay.
The problem is that, according to Andrew, this location is hard-coded for the 2003
domain level but correct in 2008.
Jonn
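
The failure pattern in the quoted log (a zone reported as configured, then reported as failed, followed by "already exists" and a fatal exit) can be picked out of a named log mechanically. This is an added example, not part of the original thread or of Samba: the sample log is constructed, `corp.example` is a placeholder zone, and reading the pattern as a duplicate zone definition follows the diagnosis quoted above.

```python
import re
from collections import Counter

# Constructed sample modelled on the samba_dlz lines quoted in the thread
# (one syslog entry per line; zone names are placeholders).
SAMPLE_LOG = """\
Sep  3 11:36:20 dc0 named[4401]: samba_dlz: starting configure
Sep  3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable zone 'example.lan'
Sep  3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable zone 'corp.example <http://corp.example>'
Sep  3 11:36:20 dc0 named[4401]: samba_dlz: configured writeable zone '_msdcs.corp.example'
Sep  3 11:36:20 dc0 named[4401]: samba_dlz: Failed to configure zone 'corp.example'
Sep  3 11:36:20 dc0 named[4401]: loading configuration: already exists
Sep  3 11:36:20 dc0 named[4401]: exiting (due to fatal error)
"""

ZONE_RE = re.compile(
    r"named\[(?P<pid>\d+)\]: samba_dlz: "
    r"(?P<event>configured writeable|Failed to configure) zone '(?P<zone>[^']+)'"
)
FATAL_RE = re.compile(r"named\[(?P<pid>\d+)\]: exiting \(due to fatal error\)")


def normalise_zone(raw):
    """Lower-case the name and drop the ' <http://...>' suffix that HTML
    mail clients append when a log is pasted into a message."""
    return raw.split(" <", 1)[0].strip().rstrip(".").lower()


def analyse(log_text):
    """Group samba_dlz events by named PID (one PID = one start-up attempt).
    'duplicates' lists zones that failed after already being configured."""
    runs = {}
    for line in log_text.splitlines():
        m = ZONE_RE.search(line)
        if m:
            run = runs.setdefault(
                m["pid"], {"configured": Counter(), "duplicates": [], "fatal": False})
            zone = normalise_zone(m["zone"])
            if m["event"] == "configured writeable":
                run["configured"][zone] += 1
            elif run["configured"][zone]:   # failed, but seen earlier in this run
                run["duplicates"].append(zone)
            continue
        m = FATAL_RE.search(line)
        if m and m["pid"] in runs:
            runs[m["pid"]]["fatal"] = True
    return runs


if __name__ == "__main__":
    for pid, run in analyse(SAMPLE_LOG).items():
        print(f"named[{pid}] fatal={run['fatal']} duplicate zones={run['duplicates']}")
```
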