A few problems i discovered:
>- sometimes have a higher serial then all masters have, is this normal on
>an AD DNS? or am I doing something wrong i thought this could not happen.
Only transfer from one AD master. Microsoft AD doesn't maintain
consistent serials across the servers. The serials should be
monotonically increasing from a individual server.
And when I had BIND slaves for AD masters, when patches were being
applied to the Domain Controllers (i.e., the ONE DC that I had
selected as a master), a zone serial number would decrease. In most
(but not all) cases, after the DC patching was finished, the zone
serial number would go back to "normal". I was not allowed to open a
trouble ticket with Microsoft. Every morning at 7AM I ran a cron to
capture the zone serial numbers on all of the 44+ AD zones on all my
BIND DNS servers.
(I just realized that in my post about a half-hour ago on this
subject, I had forgotten to change the "Subject:" line from the
digest).
--Barry Finkel
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
