Dear Zonecheck-ers,


I am trying to change the nameservers of a .fr domain to point at my MS
Active Directory-based nameservers but I cannot do so on the system
which uses the zonecheck tool, because there is a problem with testing on
Active Directory servers.


All AD-integrated DNS servers regard themselves as Primaries in SOA records,
this is part of the fault tolerant design of Active Directory. However, when
a primary and a secondary NS are put into the zonecheck tool and a check
performed, you get the error "The primary nameserver doesn't match the given
one" because the test checks both servers, and gets a reply back from both
of them saying they are the primary SOA. I can get around this by changing
the zones from being AD-based to being 'flat' traditional-type zone files,
but this does remove the redundance of AD and adds a (slight) single point
of failure from my network which I would like to avoid.


As having 2 primary servers doesnt cause a problem - only registries that
use zonecheck refuse my name servers at the moment, the vast majority of the
2000+ domains I host (largely .com and are unaffected by this.


Can anyone suggest workarounds for this, or is there a chance of modifying
this rule to take AD into account in future releases?


I would be interested in anyones opinions on this.


Ross Taylor




zonecheck-tests mailing list

Reply via email to