<div dir="ltr">Thanks Ken,<div>It appears that the mystery has been solved. Apparently when I used Ansible to create the zones the issue presents itself..SOA? But when manually entering the zones using NSEDIT all seems to start working immediately. Very strange.</div><div><br></div><div>And thanks Jan-Piet as well. Ironically the Ansible python module that I was using was your's! :) Not saying that is the cause but the method of creating these zones automated seems to be the only common factor. I will be doing some additional testing to narrow in on the issue more however.</div><div><br></div><div>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (31975) from 10.0.101.112 for _msdcs.everythingshouldbevirtual.local: Deleting record a23fa75d-c05d-405e-9e0b-c85730a2dd9d._msdcs.everythingshouldbevirtual.local|CNAME</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (31975) from 10.0.101.112 for _msdcs.everythingshouldbevirtual.local: Adding record a23fa75d-c05d-405e-9e0b-c85730a2dd9d._msdcs.everythingshouldbevirtual.local|CNAME</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (31975) from 10.0.101.112 for _msdcs.everythingshouldbevirtual.local: Increasing SOA serial (2015100144 -> 2015100145)</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (33768) from 10.0.101.112 for _msdcs.everythingshouldbevirtual.local: Replace for record _kerberos._tcp.dc._msdcs.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (48156) from 10.0.101.112 for _msdcs.everythingshouldbevirtual.local: Replace for record _kerberos._tcp.default-first-site-name._sites.dc._msdcs.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (27637) from 10.0.101.112 for _msdcs.everythingshouldbevirtual.local: Replace for record _ldap._tcp.dc._msdcs.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (48907) from 10.0.101.112 for _msdcs.everythingshouldbevirtual.local: Replace for record _ldap._tcp.default-first-site-name._sites.dc._msdcs.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (6608) from 10.0.101.112 for _tcp.everythingshouldbevirtual.local: Replace for record _kerberos._tcp.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (41175) from 10.0.101.112 for _sites.everythingshouldbevirtual.local: Replace for record _kerberos._tcp.default-first-site-name._sites.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (18951) from 10.0.101.112 for _tcp.everythingshouldbevirtual.local: Replace for record _gc._tcp.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (22459) from 10.0.101.112 for _sites.everythingshouldbevirtual.local: Replace for record _gc._tcp.default-first-site-name._sites.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (7871) from 10.0.101.112 for _udp.everythingshouldbevirtual.local: Replace for record _kerberos._udp.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (43464) from 10.0.101.112 for _tcp.everythingshouldbevirtual.local: Replace for record _kpasswd._tcp.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (44722) from 10.0.101.112 for _udp.everythingshouldbevirtual.local: Replace for record _kpasswd._udp.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (36982) from 10.0.101.112 for everythingshouldbevirtual.local: Replace for record _ldap._tcp.domaindnszones.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (16995) from 10.0.101.112 for everythingshouldbevirtual.local: Replace for record _ldap._tcp.default-first-site-name._sites.domaindnszones.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (60635) from 10.0.101.112 for everythingshouldbevirtual.local: Replace for record _ldap._tcp.forestdnszones.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (9374) from 10.0.101.112 for everythingshouldbevirtual.local: Replace for record _ldap._tcp.default-first-site-name._sites.forestdnszones.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (2295) from 10.0.101.112 for everythingshouldbevirtual.local: Replace for record everythingshouldbevirtual.local|A requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (54517) from 10.0.101.112 for _msdcs.everythingshouldbevirtual.local: Replace for record gc._msdcs.everythingshouldbevirtual.local|A requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (4167) from 10.0.101.112 for everythingshouldbevirtual.local: Replace for record domaindnszones.everythingshouldbevirtual.local|A requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:03 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (50521) from 10.0.101.112 for everythingshouldbevirtual.local: Replace for record forestdnszones.everythingshouldbevirtual.local|A requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:10 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (61789) from 10.0.101.111 for everythingshouldbevirtual.local: Replace for record _ldap._tcp.default-first-site-name._sites.domaindnszones.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:10 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (18642) from 10.0.101.111 for everythingshouldbevirtual.local: Replace for record _ldap._tcp.default-first-site-name._sites.forestdnszones.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:10 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (36802) from 10.0.101.111 for _tcp.everythingshouldbevirtual.local: Replace for record _ldap._tcp.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:10 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (32437) from 10.0.101.111 for _sites.everythingshouldbevirtual.local: Replace for record _ldap._tcp.default-first-site-name._sites.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:10 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (23016) from 10.0.101.111 for _msdcs.everythingshouldbevirtual.local: Replace for record _ldap._tcp.gc._msdcs.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:10 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (61787) from 10.0.101.111 for _msdcs.everythingshouldbevirtual.local: Replace for record _ldap._tcp.default-first-site-name._sites.gc._msdcs.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p>
<p class=""><span class="">Oct 1 10:22:10 ns2 pdns[21551]: </span><span class="">UPDATE</span><span class=""> (24391) from 10.0.101.111 for _msdcs.everythingshouldbevirtual.local: Replace for record _ldap._tcp.d1ead3b8-ff12-45ed-9a67-b38280cbd369.domains._msdcs.everythingshouldbevirtual.local|SRV requested, but no changes made.</span></p></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Oct 1, 2015 at 9:13 AM, <a href="mailto:ktm@rice.edu">ktm@rice.edu</a> <span dir="ltr"><<a href="mailto:ktm@rice.edu" target="_blank">ktm@rice.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Thu, Oct 01, 2015 at 08:40:03AM -0400, Larry Smith wrote:<br>
> I should also note...All static entries other than AD related (SRV) work<br>
> and all DHCP (ISC-DHCP) DDNS related entries are created and work; other<br>
> than AD DDNS related entries which should be created automatically within<br>
> each zone.<br>
><br>
> Zones pre-created are below.<br>
> <a href="http://example.org" rel="noreferrer" target="_blank">example.org</a><br>
> _<a href="http://msdcs.example.org" rel="noreferrer" target="_blank">msdcs.example.org</a><br>
> _<a href="http://sites.example.org" rel="noreferrer" target="_blank">sites.example.org</a><br>
> _<a href="http://tcp.example.org" rel="noreferrer" target="_blank">tcp.example.org</a><br>
> _<a href="http://udp.example.org" rel="noreferrer" target="_blank">udp.example.org</a><br>
><br>
> The following are set in pdns.conf<br>
><br>
> allow-dnsupdate-from=<a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
><br>
> experimental-dnsupdate=yes<br>
><br>
<br>
</span>Hi Larry,<br>
<br>
AD DDNS uses GSS-TSIG. Make sure that your Kerberos environment is correct and<br>
that your system times are sync-ed. Otherwise the authentication will fail.<br>
<br>
Regards,<br>
Ken<br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr">Twitter <a href="http://twitter.com/mrlesmithjr" target="_blank">@mrlesmithjr</a><div>Blog <a href="http://EverythingShouldBeVirtual.com" target="_blank">EverythingShouldBeVirtual.com</a></div><div>Interested in blog sponsorship? Go to <a href="http://bit.ly/10Aj7Sq" target="_blank">http://bit.ly/10Aj7Sq</a></div></div></div>
</div>