Archived from groups: microsoft.public.win2000.dns
In news:OdAqiwJpEHA.2588@TK2MSFTNGP12.phx.gbl,
Scot <sendto
refereduser@yahoo.com> commented
Then Kevin replied below:
> Thanks for the reply.
>
> Kevin D. Goodknecht Sr. [MVP] wrote:
>> In news:%23Iw6YYEpEHA.1988@TK2MSFTNGP09.phx.gbl,
>> Scot <sendto
>> refereduser@yahoo.com> commented
>> Then Kevin replied below:
>>> I am trying to delegate a subzone of my domain (Active
>>> Directory in native mode on Win2K) to a UNIX box.
>>
>> Isn't the delegation working?
>
> I'm not sure. Other than testing for rejects on the mail
> proxy, is there a way to test the delegation from the
> Windows side? If I dig the UNIX box it answers up
> correctly for both listed and unlisted IP addresses.
>>
>>> Can it be done? Do I have to go back to mixed-mode?
>>
>> I'm not sure why you think being in native mode is
>> relevant with delegating a sub zone in DNS to another
>> DNS server, unless I'm missing something here. Maybe you
>> should explain, being in Native mode does make some
>> changes with Authentication and makes it impossible to
>> have an NT4 BDC in a Win2k domain. Maybe, you should
>> give a little better explanation as to what you are
>> trying to achieve.
>
> My concern with native mode is in the delegation of the
> subzone to a UNIX box. I know you cannot have NT4 BDCs
> in native mode, but can you delegate a subzone to a UNIX
> box in native mode?
Yes, you can.
>
> What we are trying to achieve: UNIX box is running a
> program called rbldnsd
> (http://www.corpit.ru/mjt/rbldnsd.html). "rbldnsd is a
> small and fast DNS daemon which is especially made to
> serve DNSBL zones. This daemon was inspired by Dan J.
> Bernstein's rbldns program found in the djbdns package."
>
> Our mail proxy queries the rbldnsd server before passing
> the mail to the Exchange server. If an address is listed
> the rbldnsd server replies with something like
> ":127.0.0.2:Open relay" and rejects the message.
>>
>>> If it can be done, would appreciate how-to. What I have
>>> tried so far does not seem to be correct.
>
> Here is what we have:
> W2K AD native-mode domain: nonprofit.local
>
> Trying to delegate subdomain to UNIX box called:
> abuse.nonprofit.local
So the Unix box can resolve abuse.nonprofit.local?
>
> What we have tried:
>
> In DNS right-click on server and select new zone. Select
> new primary. Select Forward lookup zone. Enter Name:
> abuse.nonprofit.local. Select: create a new file with
> this name. Click finish.
>
> Now I have a new zone, however SOA and A point to
> mainserver.nonprofit.local.
This was incorrect; delete this forward lookup zone and follow these
instructions.
Open the forward lookup zone, nonprofit.local, right-click in the zone,
select New Delegation, name the delegation abuse, and give the delegation the
FQDN and IP address of the Unix DNS server.
>
> At this point I need to edit these entries to point to
> abuse.nonprofit.local so I right-click and make the
> changes.
>
> Should be all I need, right?
>
> Do I need to add NS or A records to primary zone? Make
> any other changes?
What you were trying to create is a Stub zone, which Win2k does not support;
Stub zone support was added to Win2k3.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
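
One way to test the delegation from the Windows side, as asked in the thread (an added example, not part of the original posts): send a DNSBL-style lookup for the delegated zone to the Windows DNS server and interpret the reply. The reversed-octet query name is the usual DNSBL convention and is assumed here for the rbldnsd zone; the function names and the server address passed to `check` are hypothetical.

```python
import ipaddress
import socket
import struct

ZONE = "abuse.nonprofit.local"  # delegated subzone named in the thread

def dnsbl_name(ip, zone=ZONE):
    """DNSBL query name: IPv4 octets reversed, then the zone (assumed convention)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def build_query(name, qid=0x1234):
    """Minimal DNS A query with the recursion-desired flag set."""
    qname = b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in name.split("."))
    header = struct.pack(">6H", qid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack(">2H", 1, 1)

def _skip_name(msg, off):  # step over a (possibly compressed) name
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def parse_answer(msg):
    """Return (rcode, [IPv4 strings from A records]) for a DNS response."""
    _, flags, qd, an, _, _ = struct.unpack(">6H", msg[:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4
    addrs = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return flags & 0x000F, addrs

def verdict(rcode, addrs):  # interpret what the Windows DNS server returned
    if rcode == 0 and any(a.startswith("127.") for a in addrs):
        return "listed"                       # answer came back through the delegation
    if rcode == 3:
        return "not listed or no delegation"  # NXDOMAIN is ambiguous on its own
    return "check delegation"                 # SERVFAIL, REFUSED, empty answer

def check(ip, server, timeout=3.0):
    """Ask `server` (the Windows DNS server's IP) about `ip`; needs network access."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(dnsbl_name(ip)), (server, 53))
        return verdict(*parse_answer(s.recv(512)))
```

NXDOMAIN alone does not prove the delegation works, because the Windows server is authoritative for nonprofit.local and returns NXDOMAIN itself when no delegation exists. Run `check` against an address the rbldnsd box is known to list and expect "listed".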