I have a BIND DNS server (well, more than one) and I'm trying to give them all the records of the Active Directory. I put in all the records and tested, but it seems that only the short ones work and none of the long ones work:
Code:
$ dig _ldap._tcp.mydomain.com srv
; <<>> DiG 9.3.2 <<>> _ldap._tcp.mydomain.com srv
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18246
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; QUESTION SECTION:
;_ldap._tcp.mydomain.com. IN SRV
;; ANSWER SECTION:
_ldap._tcp.mydomain.com. 259200 IN SRV 0 0 389 server01.mydomain.com.
;; AUTHORITY SECTION:
mydomain.com. 259200 IN NS dns.mydomain.com.
mydomain.com. 259200 IN NS dns2.mydomain.com.
;; ADDITIONAL SECTION:
server01.mydomain.com. 259200 IN A x.x.x.x
dns.mydomain.com. 259200 IN A x.x.x.x
dns2.mydomain.com. 259200 IN A x.x.x.x
;; Query time: 1 msec
;; SERVER: x.x.x.x
;; WHEN: Tue Jan 16 17:08:32 2007
;; MSG SIZE rcvd: 161
returns correctly but anything longer
Code:
$ dig _ldap._tcp.pdc._msdcs.mydomain.com srv
; <<>> DiG 9.3.2 <<>> _ldap._tcp.pdc._msdcs.mydomain.com srv
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65344
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;_ldap._tcp.pdc._msdcs.mydomain.com. IN SRV
;; AUTHORITY SECTION:
mydomain.com. 259200 IN SOA mydomain.com. postmaster.mydomain.com. 2006120401 86400 18000 3600000 604800
;; Query time: 1 msec
;; SERVER: x.x.x.x
;; WHEN: Tue Jan 16 17:08:21 2007
;; MSG SIZE rcvd: 98
always fails
I suspect this is because "_names" like that don't extend the DNS namespace and hence are answered, but "names" without the illegal "_" character cause the server to try to resolve the subdomain which doesn't exist.
I'm not really sure how Microsoft gets around this, but it's quite annoying for me trying to get this to work with BIND.
Can anybody help me out on this?