netdiablo
Newbie | Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору Всем доброго времени суток! Нужно настроить bind98 на freebsd как основу для AD.\ настроил Bind98 вот конфиги: named.conf Код:
// named.conf as posted: a loopback-only rndc control channel, one forwarder,
// file logging, and two master zones (test.local and its reverse zone) that
// accept dynamic updates by source address.

// NOTE(review): this TSIG secret is printed in a public post, and the same
// value appears again as key DHCP_UPDATER in the dhcpd.conf listing further
// down the page. A secret that has been pasted publicly should be treated as
// disclosed and regenerated, with separate keys for rndc and for DDNS.
// hmac-md5 is a legacy TSIG algorithm; hmac-sha256 is the usual replacement
// (confirm the installed named/rndc accept it before switching).
key "rndc-key" {
    algorithm hmac-md5;
    secret "PURsAZ1AAItRKHEMPZL9KQ==";
};

// rndc control channel: bound to loopback, reachable only from 127.0.0.1,
// and only with the key declared above.
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};

//acl list {172.16.1.0/24;127.0.0.1;};

options {
    directory "/etc/namedb";
    pid-file "/var/run/named/pid";
    dump-file "/var/dump/named_dump.db";
    statistics-file "/var/stats/named.stats";
    // Change the reported name; the reason is explained further down.
    // NOTE(review): "Bind98" still reveals the release line to anyone who
    // queries the version string.
    version "Bind98";
    // NOTE(review): allow-query and allow-recursion are commented out (as is
    // the "list" acl they reference), so named applies its built-in defaults
    // on the 172.16.1.1 listener. Confirm recursion is limited to the LAN.
    // allow-query {list;};
    listen-on {127.0.0.1;};
    listen-on {172.16.1.1;};
    // allow-recursion {list; 172.16.1.0/24; 127.0.0.1;};
    // Add the local "DNS server IP addresses" of your provider;
    // they can be found in /etc/resolv.conf (the "nameserver" directive) or
    // ... (the comment is cut off at this point in the post)
    forwarders { 192.168.254.1; };
};

logging {
    // Lame-server messages are discarded.
    category lame-servers { null; };
    channel default_ch { file "/var/log/named.log" versions 7 size 1024k; severity info; print-time yes; print-category yes; };
    channel security_ch { file "/var/log/security.log" versions 7 size 1024k; severity debug; print-time yes; print-category yes; };
    // NOTE(review): no category is declared for update-security, so approved
    // and denied dynamic updates presumably fall through to "default" and land
    // in /var/log/named.log. That is the first place to look for the refusal
    // described at the end of the post.
    category default { default_ch; };
    category security { security_ch; };
};

zone "." { type hint; file "named.root"; };
zone "localhost" { type master; file "master/localhost"; };
zone "0.0.127.IN-ADDR.ARPA" { type master; file "master/localhost.rev"; notify no; };

// NOTE(review): allow-update here is a bare address list covering the whole
// /24. Source addresses are not authenticated, so every host on that subnet
// can rewrite records in this zone, including the Kerberos/LDAP SRV records
// that domain members use to find the DC. A tighter form names the DC's
// address and a TSIG key, e.g. allow-update { key "<ddns-key-name>"; 172.16.1.4; };
// or an update-policy block.
// The dhcpd.conf listing signs with a key named DHCP_UPDATER, but no key of
// that name is declared in this file as posted, so signed updates from dhcpd
// would presumably be rejected. Verify.
zone "test.local" { type master; file "dynamic/test.local"; allow-query {any;}; allow-update {172.16.1.0/24;127.0.0.1;}; allow-transfer {172.16.1.4;}; };

// Reverse zone: same address-based allow-update as above, same review note.
zone "16.172.in-addr.arpa" { type master; file "dynamic/16.172.in-addr.arpa"; allow-query { any; }; allow-update {172.16.1.0/24;127.0.0.1;}; allow-transfer {172.16.1.4;}; };
| test.local Код: ORIGIN . $TTL 7200 ; 2 hours test.local IN SOA mr.test.local. root.test.local. 
( 3 ; serial 21600 ; refresh (6 hours) 1800 ; retry (30 minutes) 604800 ; expire (1 week) 86400 ; minimum (1 day) ) IN NS mr.test.local. $ORIGIN test.local mr IN A 172.16.1.1 dc IN A 172.16.1.4 $ORIGIN _msdcs.test.local. $ORIGIN _tcp.Default-First-Site-Name._sites.dc._msdcs.test.local. _kerberos SRV 0 100 88 dc.test.local. _ldap SRV 0 100 389 dc.test.local. $ORIGIN _tcp.dc._msdcs.test.local. _kerberos SRV 0 100 88 dc.test.local. _ldap SRV 0 100 389 dc.test.local. $ORIGIN _msdcs.test.local. _ldap._tcp.11275bca-08e3-4601-9b21-829e70b80f86.domains SRV 0 100 389 dc.test.local. $ORIGIN gc._msdcs.test.local. _ldap._tcp.Default-First-Site-Name._sites SRV 0 100 3268 dc.test.local. _ldap._tcp SRV 0 100 3268 dc.test.local. $ORIGIN _msdcs.test.local. _ldap._tcp.pdc SRV 0 100 389 dc.test.local. $ORIGIN _tcp.Default-First-Site-Name._sites.test.local. _gc SRV 0 100 3268 dc.test.local. _kerberos SRV 0 100 88 dc.test.local. _ldap SRV 0 100 389 dc.test.local. $ORIGIN _tcp.test.local. _gc SRV 0 100 3268 dc.test.local. _kerberos SRV 0 100 88 dc.test.local. _kpasswd SRV 0 100 464 dc.test.local. _ldap SRV 0 100 389 dc.test.local. $ORIGIN _udp.test.local. _kerberos SRV 0 100 88 dc.test.local. _kpasswd SRV 0 100 464 dc.test.local. | dhcpd.conf Код:
# dhcpd.conf as posted: hands out 172.16.1.120-200 on 172.16.1.0/24, pins the
# DC to 172.16.1.4, and is set up to send dynamic DNS updates for test.local
# and 16.172.in-addr.arpa to 172.16.1.1 signed with key DHCP_UPDATER.
use-host-decl-names on;
option domain-name "test.local";
option domain-name-servers 172.16.1.1, 172.16.1.4, 192.168.254.1;
# NOTE(review): 172.16.1.1 is also the router/DNS address in this file; the
# subnet block below uses 172.16.1.255 as the broadcast address.
option broadcast-address 172.16.1.1;
option netbios-name-servers 172.16.1.4;
option netbios-dd-server 172.16.1.4;
option netbios-node-type 8;
option routers 172.16.1.1;
default-lease-time 600;
max-lease-time 7200;
authoritative;
ddns-updates on;
# NOTE(review): ddns-update-style is set twice (ad-hoc here, interim three
# lines below). Keep a single statement so the effective style is unambiguous.
ddns-update-style ad-hoc;
ddns-domainname "test.local";
ddns-rev-domainname "16.172.in-addr.arpa.";
ddns-update-style interim;
update-static-leases on;
log-facility local7;
# NOTE(review): this secret is byte-for-byte the rndc-key secret from the
# named.conf listing above, and it is printed in a public post. One shared
# secret means whoever reads this file also holds the rndc control key. Use a
# separate, regenerated key for DDNS and keep this file readable by root only.
# named.conf as posted declares only "rndc-key"; a TSIG key must exist under
# the same name on both sides, so DHCP_UPDATER would presumably not be
# recognised by named. Verify.
key DHCP_UPDATER {
    algorithm HMAC-MD5.SIG-ALG.REG.INT;
    secret "PURsAZ1AAItRKHEMPZL9KQ==";
};
# Pulls rndc's own key file into dhcpd as well.
include "/etc/namedb/rndc.key";
# NOTE(review): with client-updates allowed, clients may register their own
# forward records, which then depends on named's address-based allow-update.
# "deny client-updates;" or "ignore client-updates;" keeps registration with
# dhcpd and its TSIG key.
allow client-updates;
zone 16.172.in-addr.arpa.
{ primary 172.16.1.1; key DHCP_UPDATER; }
zone test.local. { primary 172.16.1.1; key DHCP_UPDATER; }
subnet 172.16.1.0 netmask 255.255.255.0 {
    range 172.16.1.120 172.16.1.200;
    option routers 172.16.1.1;
    option subnet-mask 255.255.255.0;
    option broadcast-address 172.16.1.255;
    option netbios-name-servers 172.16.1.4;
    option netbios-dd-server 172.16.1.4;
    option netbios-node-type 8;
    authoritative;
    allow client-updates;
    ddns-updates on;
    ddns-domainname "test.local";
    server-name "test.su";
}
# Static reservation for the domain controller.
host dc { ddns-hostname "dc"; hardware ethernet 26:c4:8a:3d:f9:07; fixed-address 172.16.1.4; option host-name "dc.test.local";}
| Проверку DNS проходит успешно при инсталляции АД. но при старте системы и при попытке регистрации записей выдает следующее: Код: Event Type: Warning Event Source: DnsApi Event Category: None Event ID: 11165 Date: 6/3/2011 Time: 4:01:34 PM User: N/A Computer: DC Description: The system failed to register host (A) resource records (RRs) for network adapter with settings: Adapter Name : {F472BA4D-9D97-49E5-BA2F-77FC690C508A} Host Name : dc Primary Domain Suffix : test.local DNS server list : 172.16.1.1, 172.16.1.4, 192.168.254.1 Sent update to server : <?> IP Address(es) : 172.16.1.4 The reason the system could not register these RRs was because the DNS server contacted refused the update request. The reasons for this might be (a) you are not allowed to update the specified DNS domain name, or (b) because the DNS server authoritative for this name does not support the DNS dynamic update protocol. To register the DNS host (A) resource records using the specific DNS domain name and IP addresses for this adapter, contact your DNS server or network systems administrator. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 2a 23 00 00 | I really need help | Всего записей: 13 | Зарегистр. 13-05-2008 | Отправлено: 15:03 03-06-2011 | Исправлено: netdiablo, 16:29 03-06-2011 |