Thanks for helping me out with this.
I finally managed to get my first domain controller recognize the DNS server. I did that in this following manner:
I added the following records into my zone file pointing to the DNS server:
_msdcs
_sites
_tcp
_udp
I also created separate zone files for each of those above pointing to my Primary DNS.
When the AD wanted to update the records, it got bunch of permission denied stuff while creating the Journal files (.jnl) for the above zones. So I touched and manually created the .jnl files for the AD and I changed the ownership to named (chown named *.jnl), along with changing the permission to 755 for those files.
Then I when I restarted the net logon service on the AD, it magically works and all the updates take place and it recognizes the BIND as the primary DNS server.
However, I am facing another weird situation.
I created another domain controller - a secondary domain controller. The Secondary Domain Controller fails to see the first domain controller completely. Although I have manually added it to the domain, it still can't see the first or primary domain controller. It throws the error:
Code:
The error was: "DNS server failure."
(error code 0x0000232A RCODE_SERVER_FAILURE)
The query was for the SRV record for _ldap._tcp.dc._msdcs.mydomain.com
The thing is, I manually created the SRV record for the above (_ldap._tcp.dc._msdcs.mydomain.com) pointing to my first domain controller, but that doesn't work.
But here is a bigger issue that I am facing right now.
My nslookup doesn't work properly any more. Ever since I have updated the AD and make it synchronize and work with the BIND, it doesn't resolve the names any more. nslookup for the IP address works great, but nslookup for the fqdn doesn't work. I get the following error message:
Code:
;; Got SERVFAIL reply from 192.168.1.111
192.168.1.111 is my BIND DNS server.
I have no idea what to do. At least the nslookup was working fine until few minutes ago when I fixed the AD thing. Any ideas what might be wrong?
Thanks in advance for your ideas.