cannot synchronize BIND9 with WIN2000 DNS AD

 
SOLVED
'chris'
Super Advisor

hi

I cannot synchronize BIND9 with WIN2000 DNS from Active Directory.
I've created a slave zone for domain.net on Linux, but I get the following error message:

Nov 7 13:29:38 ns1 named[1055]: transfer of 'domain.net/IN' from 192.168.1.10#53: failed while receiving responses: REFUSED
Nov 7 13:29:38 ns1 named[1055]: transfer of 'doamin.net/IN' from 192.168.1.10#53: end of transfer

I have BIND version 9.2.4

Does anyone know why WIN2000 DNS refused the zone transfer?

kind regards
chris
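
The two log lines in the post above can be triaged mechanically. This is an added example, not part of the original thread: the function names and hint texts are this example's own, and every sample line other than the two copied from the post is constructed.

```python
import re

# Matches named's inbound zone-transfer log lines, for example:
# "... named[1055]: transfer of 'zone/IN' from 192.168.1.10#53: <message>"
XFER = re.compile(
    r"named\[\d+\]: transfer of '(?P<zone>[^/']+)/(?P<cls>\w+)' "
    r"from (?P<master>[0-9A-Fa-f.:]+)#(?P<port>\d+): (?P<msg>.*)$"
)

# (text to find, side to check first, reason). The hints are this example's
# reading of the messages, not output produced by BIND itself.
HINTS = [
    ("REFUSED", "master", "master answered, but its transfer policy rejected this slave"),
    ("NOTAUTH", "master", "master is not authoritative for the zone name requested"),
    ("failed to connect", "network", "TCP connection to the master did not open"),
]

def classify(msg):
    """Return (side, reason) for a failure message, or None if it is not a failure."""
    for needle, side, why in HINTS:
        if needle in msg:
            return side, why
    return None

def triage(lines):
    """Return one finding per failed transfer found in the given syslog lines."""
    findings = []
    for line in lines:
        m = XFER.search(line)
        hit = classify(m["msg"]) if m else None
        if hit:
            findings.append({"zone": m["zone"], "master": m["master"],
                             "side": hit[0], "why": hit[1]})
    return findings

SAMPLE_LOG = [
    # First two lines are copied from the post above.
    "Nov 7 13:29:38 ns1 named[1055]: transfer of 'domain.net/IN' from 192.168.1.10#53: failed while receiving responses: REFUSED",
    "Nov 7 13:29:38 ns1 named[1055]: transfer of 'doamin.net/IN' from 192.168.1.10#53: end of transfer",
    # Constructed lines: a connect failure and an unrelated message.
    "Nov 7 13:40:02 ns1 named[1055]: transfer of 'domain.net/IN' from 192.168.1.10#53: failed to connect: timed out",
    "Nov 7 13:41:10 ns1 named[1055]: zone localhost/IN: loaded serial 1",
]

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['zone']} from {f['master']}: check {f['side']} ({f['why']})")
```

REFUSED is DNS response code 5, which the master sends in its reply, so a `master` finding points at the zone-transfer settings on the Windows server rather than at the slave's file system.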
16 REPLIES
Alexander Chuzhoy
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

Go to your Windows server.
Click Start, then choose Run.
Type dnsmgmt.msc.
Expand the relevant zone.
Right-click on it and choose Properties.
Then go to the "zone transfers" tab
and check "allow zone transfer" while "to any server" is selected, or you can specify the IPs of the servers to which to allow the zone transfer.
Ivan Ferreira
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

In the Windows DNS console you must enable:

"bind secondaries"
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
'chris'
Super Advisor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

thanks,

but I cannot find the "bind secondaries" option in
the Windows DNS console.

Ivan Ferreira
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

It's in the advanced tab:

See:

http://informit.staging.informit.mttech.com/content/images/chap3_0789730146/elementLinks/03fig09.jpg

Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
'chris'
Super Advisor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

"allow zone transfer" is to any server

"bind secondaries" is enabled,

but still doesn't work and I get the same error messages.
Alexander Chuzhoy
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

Check if you can reach the DNS server on port 53:
telnet dnserver 53


'chris'
Super Advisor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

telnet dnserver 53 is working
Alexander Chuzhoy
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

See if the user (under which DNS is working) is allowed to create files in the place that's specified in the named.conf file.

Besides, what version of Linux is it?
If it's Red Hat 4 or Fedora 3 or higher, then the files should be created in /var/named/chroot/var/named
by default and not in /var/named
'chris'
Super Advisor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

local dns server SLAVE: debian sarge with BIND version 9.2.4

remote dns server MASTER: WIN2000 Active Directory

Should I create a Windows user on Linux?