[Pdns-users] PDNS - Active Directory DDNS

Larry Smith mrlesmithjr at gmail.com
Thu Oct 1 14:24:43 UTC 2015 

Thanks Ken,
It appears that the mystery has been solved. Apparently when I used Ansible
to create the zones the issue presents itself..SOA? But when manually
entering the zones using NSEDIT all seems to start working immediately.
Very strange.

And thanks Jan-Piet as well. Ironically the Ansible python module that I
was using was your's! :) Not saying that is the cause but the method of
creating these zones automated seems to be the only common factor. I will
be doing some additional testing to narrow in on the issue more however.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (31975) from 10.0.101.112 for
_msdcs.everythingshouldbevirtual.local: Deleting record
a23fa75d-c05d-405e-9e0b-c85730a2dd9d._msdcs.everythingshouldbevirtual.local|CNAME

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (31975) from 10.0.101.112 for
_msdcs.everythingshouldbevirtual.local: Adding record
a23fa75d-c05d-405e-9e0b-c85730a2dd9d._msdcs.everythingshouldbevirtual.local|CNAME

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (31975) from 10.0.101.112 for
_msdcs.everythingshouldbevirtual.local: Increasing SOA serial (2015100144
-> 2015100145)

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (33768) from 10.0.101.112 for
_msdcs.everythingshouldbevirtual.local: Replace for record
_kerberos._tcp.dc._msdcs.everythingshouldbevirtual.local|SRV requested, but
no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (48156) from 10.0.101.112 for
_msdcs.everythingshouldbevirtual.local: Replace for record
_kerberos._tcp.default-first-site-name._sites.dc._msdcs.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (27637) from 10.0.101.112 for
_msdcs.everythingshouldbevirtual.local: Replace for record
_ldap._tcp.dc._msdcs.everythingshouldbevirtual.local|SRV requested, but no
changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (48907) from 10.0.101.112 for
_msdcs.everythingshouldbevirtual.local: Replace for record
_ldap._tcp.default-first-site-name._sites.dc._msdcs.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (6608) from 10.0.101.112 for
_tcp.everythingshouldbevirtual.local: Replace for record
_kerberos._tcp.everythingshouldbevirtual.local|SRV requested, but no
changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (41175) from 10.0.101.112 for
_sites.everythingshouldbevirtual.local: Replace for record
_kerberos._tcp.default-first-site-name._sites.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (18951) from 10.0.101.112 for
_tcp.everythingshouldbevirtual.local: Replace for record
_gc._tcp.everythingshouldbevirtual.local|SRV requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (22459) from 10.0.101.112 for
_sites.everythingshouldbevirtual.local: Replace for record
_gc._tcp.default-first-site-name._sites.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (7871) from 10.0.101.112 for
_udp.everythingshouldbevirtual.local: Replace for record
_kerberos._udp.everythingshouldbevirtual.local|SRV requested, but no
changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (43464) from 10.0.101.112 for
_tcp.everythingshouldbevirtual.local: Replace for record
_kpasswd._tcp.everythingshouldbevirtual.local|SRV requested, but no changes
made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (44722) from 10.0.101.112 for
_udp.everythingshouldbevirtual.local: Replace for record
_kpasswd._udp.everythingshouldbevirtual.local|SRV requested, but no changes
made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (36982) from 10.0.101.112 for
everythingshouldbevirtual.local: Replace for record
_ldap._tcp.domaindnszones.everythingshouldbevirtual.local|SRV requested,
but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (16995) from 10.0.101.112 for
everythingshouldbevirtual.local: Replace for record
_ldap._tcp.default-first-site-name._sites.domaindnszones.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (60635) from 10.0.101.112 for
everythingshouldbevirtual.local: Replace for record
_ldap._tcp.forestdnszones.everythingshouldbevirtual.local|SRV requested,
but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (9374) from 10.0.101.112 for
everythingshouldbevirtual.local: Replace for record
_ldap._tcp.default-first-site-name._sites.forestdnszones.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (2295) from 10.0.101.112 for
everythingshouldbevirtual.local: Replace for record
everythingshouldbevirtual.local|A requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (54517) from 10.0.101.112 for
_msdcs.everythingshouldbevirtual.local: Replace for record
gc._msdcs.everythingshouldbevirtual.local|A requested, but no changes made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (4167) from 10.0.101.112 for
everythingshouldbevirtual.local: Replace for record
domaindnszones.everythingshouldbevirtual.local|A requested, but no changes
made.

Oct  1 10:22:03 ns2 pdns[21551]: UPDATE (50521) from 10.0.101.112 for
everythingshouldbevirtual.local: Replace for record
forestdnszones.everythingshouldbevirtual.local|A requested, but no changes
made.

Oct  1 10:22:10 ns2 pdns[21551]: UPDATE (61789) from 10.0.101.111 for
everythingshouldbevirtual.local: Replace for record
_ldap._tcp.default-first-site-name._sites.domaindnszones.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:10 ns2 pdns[21551]: UPDATE (18642) from 10.0.101.111 for
everythingshouldbevirtual.local: Replace for record
_ldap._tcp.default-first-site-name._sites.forestdnszones.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:10 ns2 pdns[21551]: UPDATE (36802) from 10.0.101.111 for
_tcp.everythingshouldbevirtual.local: Replace for record
_ldap._tcp.everythingshouldbevirtual.local|SRV requested, but no changes
made.

Oct  1 10:22:10 ns2 pdns[21551]: UPDATE (32437) from 10.0.101.111 for
_sites.everythingshouldbevirtual.local: Replace for record
_ldap._tcp.default-first-site-name._sites.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:10 ns2 pdns[21551]: UPDATE (23016) from 10.0.101.111 for
_msdcs.everythingshouldbevirtual.local: Replace for record
_ldap._tcp.gc._msdcs.everythingshouldbevirtual.local|SRV requested, but no
changes made.

Oct  1 10:22:10 ns2 pdns[21551]: UPDATE (61787) from 10.0.101.111 for
_msdcs.everythingshouldbevirtual.local: Replace for record
_ldap._tcp.default-first-site-name._sites.gc._msdcs.everythingshouldbevirtual.local|SRV
requested, but no changes made.

Oct  1 10:22:10 ns2 pdns[21551]: UPDATE (24391) from 10.0.101.111 for
_msdcs.everythingshouldbevirtual.local: Replace for record
_ldap._tcp.d1ead3b8-ff12-45ed-9a67-b38280cbd369.domains._msdcs.everythingshouldbevirtual.local|SRV
requested, but no changes made.

On Thu, Oct 1, 2015 at 9:13 AM, ktm at rice.edu <ktm at rice.edu> wrote:

> On Thu, Oct 01, 2015 at 08:40:03AM -0400, Larry Smith wrote:
> > I should also note...All static entries other than AD related (SRV) work
> > and all DHCP (ISC-DHCP) DDNS related entries are created and work; other
> > than AD DDNS related entries which should be created automatically within
> > each zone.
> >
> > Zones pre-created are below.
> > example.org
> > _msdcs.example.org
> > _sites.example.org
> > _tcp.example.org
> > _udp.example.org
> >
> > The following are set in pdns.conf
> >
> > allow-dnsupdate-from=0.0.0.0/0
> >
> > experimental-dnsupdate=yes
> >
>
> Hi Larry,
>
> AD DDNS uses GSS-TSIG. Make sure that your Kerberos environment is correct
> and
> that your system times are sync-ed. Otherwise the authentication will fail.
>
> Regards,
> Ken
>



-- 
Twitter @mrlesmithjr <http://twitter.com/mrlesmithjr>
Blog EverythingShouldBeVirtual.com
Interested in blog sponsorship? Go to http://bit.ly/10Aj7Sq
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20151001/4471957d/attachment-0001.html>

More information about the Pdns-users mailing list