DNS server not populating zone file

 
 
Elliot

 
      10-19-2009
Hi All,

My situation:
2 x Win Server 2003 Active Directory running DNS for domain: my-domain.local
1 x Linux Server running DHCP/DNS/BIND for domain: my-domain.co.uk (300+
hosts/PCs with 'A' records)

My objective:
Migrate the linux server to my-domain.local, remove DNS services for
my-domain.co.uk and configure it as a slave DNS server.

Right, as far as I know I have configured Linux's DHCP and made the changes
to DNS (named) to set it as a slave. My problem is understanding how to get
my primary Active Directory server to populate its zone file with all my
hosts.

I'm sure there's something fundamental I'm not doing or comprehending.

Any advice of where I should be looking would be very appreciated.

Thanks in advance.

Elliot
 
Ace Fekay [MCT]

 
      10-20-2009
An easy way to move zone data from one DNS server to another (no matter what
vendor), you can simply create a reverse zone on the one you want to move
to, such as the Windows DNS server. In the properties of the secondary zone
on the Windows server, provide the Linux machine's IP address as the Master.
Make sure that the Linux zone properties (config file) allows zone
transfers. Also make sure that UDP and TCP ports 53 are both open between
them. Then allow the zone to transfer. Once the zone file has populated, you
can change the Secondary zone type to a Primary. With Windows DNS on a DC,
you can opt to make the zone type AD Integrated. AD integration means it
simply stores the zone data in the AD database, and not in a text file under
system32\dns. With AD integration, all DCs in the domain or forest
(depending on the zone's replication scope you set it to in the zone
properties), will automatically without any additional steps on your part,
replicate to the other DCs in its replication scope. You will see the zone
auto-appear on its own on the other DC (hit the refresh button). Then you
can change the zone type on the Linux server to a secondary, but providing
the Windows DNS as the Master. Make sure you set to allow zone transfers in
the zone properties on the Windows server.

I hope that helps.


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.


 
EJ

 
      10-20-2009

Hi Ace,

Thank you very much for the reply.

With many changes to the AD and linux box from various Google results, I
seem to have got to a point where the AD is slowly building up its
'my-domain.local' list with all the old 'my-domain.co.uk' hosts (as they
acquire new DHCP leases). So I'm relatively happy with this, though I would
really appreciate some further advice on some new queries:

- Some of the new 'A' records appearing have an accompanying 'Text (TXT)'
record, with a value such as: 316fecfcd0caa302ba88a009d12a70daff. I am
confused as to what this is! Is it a bad thing?
- I changed the 'my-domain.local' zone settings on the AD server to allow
'Nonsecure and secure' Dynamic updates. This was previously on 'Secure
Only'. Not sure whether I should really be setting this back to the original
settings - if so, would the updates from my Linux DHCP server be prevented?

Thanks in advance to all who spend the time to peruse my post.

Elliot


 
 
Paul Bergson [MVP-DS]

 
      10-20-2009
Not sure what the txt host records are for? Look at an ip address of one of
them and track it down, this will probably help you figure out how/why it is
being created. Yes you will need to allow insecure updates if you want the
foreign dhcp server to do updates for clients, we use a third party dhcp
server but we still only allow the clients themselves to do updates so we
keep it at secure. It also prevents printers from registering their
annoying names (HP loves to do this) which just pollutes our dns.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

 
Ace Fekay [MCT]

 
      10-20-2009
That's a good policy to have the clients register, and not the Linux DHCP
and keep it to only allow secure updates. In this scenario, do your clients
update their previously registered IPs with new IPs if they were to get a
new lease with a new IP?

Ace

 
Ace Fekay [MCT]

 
      10-20-2009
That looks like an IPv6 address. Are the clients Vista with IPv6? If not,
and I can't fathom why an IPv6 address would register as a TXT record. I
would check the Linux forums to see if anyone's heard of or seen such a
thing.

In the Linux lease options, I assume you've set Option 015 to
my-domain.local.

Any reason to not move to Windows DHCP?

Ace


 
 
EJ

 
      10-22-2009
Hi Ace,

Thanks for your input.

I will look into changing our setup to only allow clients to register.

Admittedly, I'm not sure what you mean by, "do your clients update their
previously registered IPs with new IPs if they were to get a new lease with
a new IP?".

Our clients will dynamically change their IP configuration based on what is
pushed from the DHCP server whenever the lease expires (or I do ipconfig
release/renew). Not sure if this is what you are asking?

Cheers again.

Elliot

 
EJ

 
      10-22-2009
Hi Paul,

I will definitely look into only allowing clients to register - I have
already begun seeing HP devices flood my zone file )

I deleted all the TXT files yesterday just to see what happens, and no
surprise they have all returned! I'm looking into Ace's IPv6 suggestion at
the moment.

Thanks for the replies

Elliot

"Paul Bergson [MVP-DS]" <pbbergs@no_spammsn.com> wrote in message
news:...
> Not sure what the txt host records are for? Lok at an ip address of one
> of them and track it down, this will probably help you figure out how/why
> it is being created. Yes you will need to allow insecure updates if you
> want the foreign dhcp server to do updates for clients, we use a third
> party dhcp server but we still only allow the clients themselves to do
> updates so we keep it at secure. It also prevents pritners from
> registering their annoying names (HP loves to do this) which just pollutes
> our dns.
>
> --
> Paul Bergson
> MVP - Directory Services
> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> 2008, 2003, 2000 (Early Achiever), NT4
> Microsoft's Thrive IT Pro of the Month - June 2009
>
> http://www.pbbergs.com
>
> Please no e-mails, any questions should be posted in the NewsGroup This
> posting is provided "AS IS" with no warranties, and confers no rights.
>
> "EJ" <> wrote in message
> news:...
>>
>> "Ace Fekay [MCT]" <> wrote in message
>> news:...
>>> "Elliot" <> wrote in message
>>> news:E15A620A-84A2-48DA-BF1D-...
>>>> Hi All,
>>>>
>>>> My situation:
>>>> 2 x Win Server 2003 Active Directory running DNS for domain:
>>>> my-domain.local
>>>> 1 x Linux Server running DHCP/DNS/BIND for domain: my-domain.co.uk
>>>> (300+
>>>> hosts/PCs with 'A' records)
>>>>
>>>> My objective:
>>>> Migrate the linux server to my-domain.local, remove DNS services for
>>>> my-domain.co.uk and configure it as a slave DNS server.
>>>>
>>>> Right, as far as I know I have configured Linux's DHCP and made the
>>>> changes
>>>> to DNS (named) to set it as a slave. My problem is understanding how to
>>>> get
>>>> my primary Active Directory server to populate its zone file with all
>>>> my
>>>> hosts.
>>>>
>>>> I'm sure there's something fundamental I'm not doing or comprehending.
>>>>
>>>> Any advice of where I should be looking would be very appreciated.
>>>>
>>>> Thanks in advance.
>>>>
>>>> Elliot
>>>
>>>
>>> An easy way to move zone data from one DNS server to another (no matter
>>> what vendor), you can simply create a reverse zone on the one you want
>>> to move to, such as the Windows DNS server. In the properties of the
>>> secondary zone on the Windows server, provide the Linux machine's IP
>>> address as the Master. Make sure that the Linux zone properties (config
>>> file) allows zone transfers. Also make sure that UDP and TCP ports 53
>>> are both open between them. Then allow the zone to transfer. Once the
>>> zone file has populated, you can change the Secondary zone type to a
>>> Primary. With Windows DNS on a DC, you can opt to make the zone type AD
>>> Integrated. AD integration means it simply stores the zone data in the
>>> AD database, and not in a text file under system32\dns. With AD
>>> integration, all DCs in the domain or forest (depending on the zone's
>>> replication scope you set it to in the zone properties), will
>>> automatically without any additional steps on your part, replicate to
>>> the other DCs in it's replication scope. You will see the zone
>>> auto-appear on its own on the other DC (hit the refresh button). Then
>>> you can change the zone type on the Linux server to a secondary, but
>>> providing the Windows DNS as the Master. Make sure you set to allow zone
>>> transfers in the zone properties on the Windows server.
>>>
>>> I hope that helps.
>>>
>>>
>>> --
>>> Ace
>>>
>>> This posting is provided "AS-IS" with no warranties or guarantees and
>>> confers no rights.
>>>
>>> Please reply back to the newsgroup or forum for collaboration benefit
>>> among responding engineers, and to help others benefit from your
>>> resolution.
>>>
>>> Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
>>> 2003/2000, MCSA Messaging 2003
>>> Microsoft Certified Trainer
>>>
>>> For urgent issues, please contact Microsoft PSS directly. Please check
>>> http://support.microsoft.com for regional support phone numbers.

>>
>> Hi Ace,
>>
>> Thank you very much for the reply.
>>
>> With many changes to the AD and linux box from various Google results, I
>> seem to have got to a point where the AD is slowly building up its
>> 'my-domain.local' list with all the old 'my-domain.co.uk' hosts (as they
>> acquire new DHCP leases). So I'm relatively happy with this, though I
>> would really appreciate some further advice on some new queries:
>>
>> - Some of the new 'A' records appearing have an accompanying 'Text (TXT)'
>> record, with a value such as: 316fecfcd0caa302ba88a009d12a70daff. I am
>> confused as to what this is! Is it a bad thing?
>> - I changed the 'my-domain.local' zone settings on the AD server to allow
>> 'Nonsecure and secure' Dynamic updates. This was previously on 'Secure
>> Only'. Not sure whether I should really be setting this back to the
>> original settings - if so, would the updates from my Linux DHCP server be
>> prevented?
>>
>> Thanks in advance to all who spend the time to peruse my post.
>>
>> Elliot
>>

 
Ace Fekay [MCT]
Guest
Posts: n/a

 
      10-22-2009
"EJ" <> wrote in message
news:...
> Hi Ace,
>
> Thanks for your input.
>
> I will look into changing our setup to only allow clients to register.
>
> Admittedly, I'm not sure what you mean by, "do your clients update their
> previously registered IPs with new IPs if they were to get a new lease
> with a new IP?".
>
> Our clients will dynamically change their IP configuration based on what
> is pushed from the DHCP server whenever the lease expires (or I do
> ipconfig release/renew). Not sure if this is what you are asking?
>
> Cheers again.
>
> Elliot


Hi Elliot,

I poorly stated that. Sorry. Basically, when a DHCP client gets a new IP, it
should overwrite the old IP without creating a new record. In a default
scenario where the DHCP server is registering the A record, it may not own
the record, therefore it cannot update the current record, so it will create
a dupe name with a different IP. Not sure if this is also occurring, but you
can read the following link to see what I mean, to see if it applies if it
is possibly happening in your case, and how to get around that.

DHCP, Dynamic DNS Updates , Scavenging, static entries & timestamps, and the
DnsProxyUpdate Group (How to remove duplicate DNS host records)
http://msmvps.com/blogs/acefekay/arc...ate-group.aspx

But the txt record issue is curious. What DHCP Scope or Server Options have
you set?

Ace
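
A check for the duplicate-name symptom described in the post above, as an added example that is not part of the original thread: it parses zone data in standard master-file format and lists names holding more than one A address, plus names where an A record sits beside a TXT record. The sample zone, host names, addresses and TXT value are constructed for illustration, and multi-line records in parentheses are not handled.

```python
import re
from collections import defaultdict

# Constructed sample in zone-file (master file) format; every name,
# address and TXT value below is made up for illustration.
SAMPLE_ZONE = """\
$ORIGIN my-domain.local.
$TTL 3600
@        IN SOA dc1 hostmaster 2009102201 900 600 86400 3600
pc-101   1200 IN A   192.168.1.50
         1200 IN TXT "00aa11bb22cc33dd44ee55ff66778899aa"
pc-102   IN A   192.168.1.51
pc-102   IN A   192.168.1.87   ; second A record under the same name
pc-103.my-domain.local. IN A 192.168.1.52
"""

TYPES = {"A", "TXT", "SOA", "NS", "CNAME", "PTR", "MX", "AAAA", "SRV"}

def parse_zone(text):
    """Return {fqdn: {rtype: [rdata, ...]}} for simple one-line records."""
    origin, owner = ".", None
    records = defaultdict(lambda: defaultdict(list))
    for raw in text.splitlines():
        line = re.sub(r';[^"]*$', "", raw).rstrip()  # drop trailing comment
        if not line.strip():
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1].lower()
            continue
        if line.startswith("$"):                     # $TTL and other directives
            continue
        tokens = line.split()
        if not line[0].isspace():                    # owner given, else inherit
            name = tokens.pop(0).lower()
            owner = (origin if name == "@" else name if name.endswith(".")
                     else name + "." + origin.lstrip("."))
        while tokens and (tokens[0].isdigit() or tokens[0].upper() == "IN"):
            tokens.pop(0)                            # skip optional TTL / class
        if owner and tokens and tokens[0].upper() in TYPES:
            records[owner][tokens[0].upper()].append(" ".join(tokens[1:]))
    return records

def audit(records):
    """Names with >1 distinct A address, and names holding both A and TXT."""
    dupes = {n: sorted(set(r.get("A", []))) for n, r in records.items()
             if len(set(r.get("A", []))) > 1}
    paired = sorted(n for n, r in records.items() if r.get("A") and r.get("TXT"))
    return dupes, paired
```

Running `audit(parse_zone(...))` before and after switching the zone between 'Nonsecure and secure' and 'Secure only' updates shows whether duplicate names keep accumulating as leases renew.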


 