Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
Konstantin2014-10-14 08:48:58
linux
Konstantin, 2014-10-14 08:48:58

How to configure BIND to work with a domain controller?

There is a working bind9 on centos, it serves one small internal zone (a company with 100 users). After setting the Linux machine on the domain controller by the main dns server, errors like this fell down:

Проблема:
Запись ресурса "Rfc1510KdcAtSite" DNS-службы (SRV), объявляющая этот контроллер домена в качестве доступного сервера Kerberos для домена в рамках своего локального сайта, не зарегистрирована. Эта запись должна регистрироваться всеми серверами Kerberos в домене.

Воздействие:
Другие контроллеры и компьютеры-члены домена или леса не смогут найти этот контроллер домена в пределах локального сайта в качестве сервера Kerberos. Этот контроллер домена не сможет предоставить полный набор служб.

Разрешение:
С помощью групповой политики или реестра убедитесь, что запись "Rfc1510KdcAtSite" не настроена в списке "DnsAvoidRegisteredRecords". Перезапустите службу Netlogon. Убедитесь в том, что запись DNS "_kerberos._tcp.Default-First-Site-Name._sites.domain.local", указывающая на локальный контроллер домена "RED.domain.local", зарегистрирована в DNS.

So I understand that the controller does not find these records on dns. How to correct this problem? In which direction to dig?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
K
Konstantin, 2014-10-14
@fallen8rwtf

Problem solved:
BIND9 has zones defined

_msdcs
_tcp
_udp
_sites
DomainDnsZones
ForestDnsZones

with the parameter
on all servers (secondary controllers) put dns'om AD-server
Found an interesting article about this case:
Article

Report
S
Sergey, 2014-10-14
@bk0011m

The domain controller must be Primary DNS, the rest are all Slaves. So redo the settings on your bind9 centos so that it becomes a slave, and make the domain controller the zone holder

Report
M
Maxim Vasiliev, 2014-10-14
@qmax

You can also load the controller into a subdomain and delegate it from the main one. Well and in a subdomain to make a forwarding.

Report
N
Niko_F, 2015-03-30
@Niko_F

The main parameter check-names ignore; because bind is not friendly with the naming convention in Windows systems, the rest is the same as on all binds

Similar questions
I
Ivan2018-03-12 01:24:02
How to load multiple files in Bash and merge them into one? 2Reply
E
entermix2015-11-04 01:12:36
What happened to Debian? 2Reply
J
jidckii2015-11-04 08:57:23
OS choice for iSCSI storage? 7Reply
A
Alexander Kaplun2020-05-06 12:45:59
How to create a terminal server on Linux? 5Reply
R
RiffKazan2011-12-18 20:42:14
Hibernation in linux mint? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question