cannot synchronize BIND9 with WIN2000 DNS AD

 
SOLVED
Super Advisor

hi

I cannot synchronize BIND9 with WIN2000 DNS from Active Directory.
I've created a slave zone for domain.net on Linux, but get the following error message:

Nov 7 13:29:38 ns1 named[1055]: transfer of 'domain.net/IN' from 192.168.1.10#53: failed while receiving responses: REFUSED
Nov 7 13:29:38 ns1 named[1055]: transfer of 'doamin.net/IN' from 192.168.1.10#53: end of transfer

I have BIND version 9.2.4

Does anyone know why WIN2000 DNS refused the zone transfer?

kind regards
chris
16 REPLIES
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

Go to your Windows server.
Click on Start, then choose Run.
Type dnsmgmt.msc.
Expand the relevant zone.
Right-click on it and choose Properties.
Then go to the "Zone Transfers" tab
and check "allow zone transfer" while "to any server" is selected, or you can specify the IPs of the servers to which zone transfer is allowed.
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

In the Windows DNS console you must enable:

"bind secondaries"
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Super Advisor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

thanks,

but I cannot find the "bind secondaries" option on
the Windows DNS console.
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

It's in the Advanced tab:

See:

http://informit.staging.informit.mttech.com/content/images/chap3_0789730146/elementLinks/03fig09.jpg

Super Advisor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

"allow zone transfer" is to any server

"bind secondaries" is enabled,

but still doesn't work and I get the same error messages.
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

Check if you can reach the DNS server on port 53:
telnet dnserver 53
Super Advisor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

telnet dnserver 53 is working
Honored Contributor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

See if the user (under which DNS is working) is allowed to create files in the place that's specified in the named.conf file.


Besides, what version of Linux is it?
If it's Red Hat 4 or Fedora 3 or higher, then the files should be created in /var/named/chroot/var/named
by default and not in /var/named.
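
Added example, not part of any post in this thread: a small Python triage of named's transfer log lines that separates the three causes raised so far (the master refusing by policy, TCP/53 being unreachable, the slave being unable to write the zone file). The first two sample lines are the ones quoted in the question; the last two are constructed, and the exact wording of the `failed to connect` and `dumping master file` messages is an assumption about named's log format.

```python
import re

# named's inbound zone-transfer status line, as quoted in the question.
XFER = re.compile(
    r"transfer of '(?P<zone>[^']+)/IN' from (?P<master>\S+?)#\d+: (?P<detail>.*)$"
)
# Assumed wording of named's message when it cannot write the slave zone file.
DUMP = re.compile(r"dumping master file: (?P<path>\S+): open: permission denied")
RCODE = re.compile(r"failed while receiving responses: (?P<rcode>[A-Z]+)$")


def classify(line):
    """Return (zone_or_path, cause) for a failure line, else None."""
    m = DUMP.search(line)
    if m:
        return m.group("path"), "slave-file-permissions"
    m = XFER.search(line)
    if not m:
        return None
    zone, detail = m.group("zone"), m.group("detail")
    r = RCODE.match(detail)
    if r:
        # The master was reached and answered; REFUSED (RFC 1035 rcode 5)
        # means it declined the transfer for policy reasons.
        if r.group("rcode") == "REFUSED":
            return zone, "master-policy-refused"
        return zone, "master-rcode-" + r.group("rcode")
    if detail.startswith("failed to connect"):
        return zone, "network-unreachable"  # what the telnet test checks
    if detail.startswith("failed"):
        return zone, "unclassified"
    return None  # e.g. "end of transfer" carries no cause


def triage(text):
    return [hit for hit in map(classify, text.splitlines()) if hit]


# Lines 1-2 are from the question; lines 3-4 are constructed for this example.
SAMPLE = """\
Nov 7 13:29:38 ns1 named[1055]: transfer of 'domain.net/IN' from 192.168.1.10#53: failed while receiving responses: REFUSED
Nov 7 13:29:38 ns1 named[1055]: transfer of 'doamin.net/IN' from 192.168.1.10#53: end of transfer
Nov 7 13:40:02 ns1 named[1055]: transfer of 'domain.net/IN' from 192.168.1.10#53: failed to connect: timed out
Nov 7 13:45:10 ns1 named[1055]: dumping master file: tmp-Ab12Cd34: open: permission denied
"""

if __name__ == "__main__":
    for subject, cause in triage(SAMPLE):
        print(f"{subject}: {cause}")
```

A REFUSED rcode means the master was reached and answered, so that line points at the master's transfer policy rather than at connectivity or file permissions on the slave.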
Super Advisor

Re: cannot synchronize BIND9 with WIN2000 DNS AD

local dns server SLAVE: debian sarge with BIND version 9.2.4

remote dns server MASTER: WIN2000 Active Directory

Should I create a Windows user on Linux?