|
From: | Ross Taylor |
Subject: | [zonecheck-tests] Zonecheck and MS Active Directory DNS |
Date: | Mon, 3 Sep 2007 17:31:32 +0100 |
Dear Zonecheck-ers, I am trying to change the nameservers of a .fr domain to
point at my MS Active Directory-based nameservers but I cannot do so on the
afnic.fr system which uses the zonecheck tool, because there is a problem with
testing on Active Directory servers. All AD-integrated DNS servers regard themselves as Primaries
in SOA records, this is part of the fault tolerant design of Active Directory.
However, when a primary and a secondary NS are put into the zonecheck tool and
a check performed, you get the error "The primary nameserver doesn't match
the given one" because the test checks both servers, and gets a reply back
from both of them saying they are the primary SOA. I can get around this by changing
the zones from being AD-based to being 'flat' traditional-type zone files, but
this does remove the redundance of AD and adds a (slight) single point of
failure from my network which I would like to avoid. As having 2 primary servers doesnt cause a problem - only
registries that use zonecheck refuse my name servers at the moment, the vast
majority of the 2000+ domains I host (largely .com and .co.uk) are unaffected
by this. Can anyone suggest workarounds for this, or is there a
chance of modifying this rule to take AD into account in future releases? I would be interested in anyones opinions on this. Ross Taylor ---------------------------------------------------------------------------------
|
[Prev in Thread] | Current Thread | [Next in Thread] |