How to do a Zone Transfer for a DSfW DNS zone
This document (7010881) is provided subject to the disclaimer at the end of this document.
Open Enterprise Server 11.1 (OES11SP1)
Domain Services for Windows
DSfW server (new forest and domain) was installed with the name of foo.com
Both DNS servers are running Novell DNS
- Log into the DNS/DHCP Management Console
- There should be two foo.com zones listed. Click on the zone belonging to the DSfW server.
Note: if there is only one foo.com zone listed, then most likely there are two DNS-DHCP locator objects. Follow TID 7010886 to discover all locator objects. Start the DNS/DHCP Management Console with the -c parameter followed by the FDN for the context of the DNS-DHCP locator object.
Example for the default DSfW locator object with the domain mapped to the o=novell container.
Click the "add" button and enter: -c ou=OESSystemObjects,o=novell
- The DSfW server will be listed as the Authoritative and Primary DNS Server. If the existing (non-DSfW) server is listed as the Authoritative and Primary DNS server, close the DNS/DHCP Management Console and open it again, selecting the second foo.com zone. If the second foo.com zone is selected after viewing the first foo.com, nothing will be displayed.
- Copy the update-policy on the DSfW-DNS server. After selecting the correct zone, click the Control Lists tab. The update-policy of 'grant * sam * A SRV PTR AAAA Key' will be listed. Make a copy of it in your favorite text editor, then remove the policy from the DSfW server. The update-policy is only allowed on a primary zone, not a secondary zone. Be sure to save the change by either selecting another zone or clicking the save icon.
- Go to the Attributes Tab and change the zone type from Primary to Secondary on the DSfW created zone, specifying the IP Address or Server name of the Pre-existing Novell DNS server.
- Restart DNS (rcnovell-named restart) to initiate the Zone Transfer. The Zone Transfer will complete and all resource records will be merged to the secondary DNS server.
- Log back into the DNS/DHCP Management Console, select the foo.com zone, and designate the DSfW DNS server to be Primary for the zone.
- Click on the Control Lists tab and add the update-policy of 'grant * sam * A SRV PTR AAAA Key' back. Use an LDIF file to add the update policy. Below is an example; replace <zonename> with the zone in your tree and <context> with the proper context.
dNIPUpdatePolicy: grant * sam * A SRV AAAA KEY
Then run ldapmodify:
LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf ldapmodify -Y EXTERNAL -f policyupdate.ldif
If DDNS is already configured using DHCP, or all workstations have a static address and a correct A record, this setting might not be necessary.
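A check to run around the restart step, as an added example that is not part of the original TID: it compares the zone's records before and after the transfer and lists any that did not survive the merge. It assumes each dump was saved with `dig axfr`; the file names, host names and addresses below are constructed.

```shell
# Added example, not from the TID: list records lost in the zone merge.
# Inputs are saved outputs of `dig @<server> foo.com axfr` (file names assumed).

# Normalise a dump to "owner type rdata": skip comments, blank lines and SOA
# (its serial legitimately changes), drop TTL/class, lower-case the owner.
zone_records() {
    awk 'NF == 0 || $1 ~ /^;/ || $4 == "SOA" { next }
         { line = tolower($1) " " $4
           for (i = 5; i <= NF; i++) line = line " " $i
           print line }' "$1" | LC_ALL=C sort -u
}

# Print every record present in the "before" dump but absent from "after".
missing_records() {
    tmp=$(mktemp -d) || return 1
    zone_records "$1" > "$tmp/before"
    zone_records "$2" > "$tmp/after"
    LC_ALL=C comm -23 "$tmp/before" "$tmp/after"
    rm -rf "$tmp"
}

# Constructed sample dumps for foo.com; hosts and addresses are made up.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/before.axfr" <<'EOF'
; constructed sample: zone contents before the transfer
foo.com.            3600 IN SOA ns1.foo.com. admin.foo.com. 2012100501 3600 600 86400 3600
foo.com.            3600 IN NS  ns1.foo.com.
ns1.foo.com.        3600 IN A   192.0.2.10
_ldap._tcp.foo.com. 600  IN SRV 0 100 389 dsfw.foo.com.
dsfw.foo.com.       3600 IN A   192.0.2.20
EOF
    cat > "$d/after.axfr" <<'EOF'
foo.com.            3600 IN SOA ns1.foo.com. admin.foo.com. 2012100801 3600 600 86400 3600
foo.com.            3600 IN NS  ns1.foo.com.
NS1.foo.com.        7200 IN A   192.0.2.10
dsfw.foo.com.       3600 IN A   192.0.2.20
EOF
    missing_records "$d/before.axfr" "$d/after.axfr"
    rm -rf "$d"
}

demo   # prints the one record missing from the "after" dump
```

Empty output means every non-SOA record from the first dump is present in the second; TTL and owner-name case differences are ignored.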
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7010881
- Creation Date:05-OCT-12
- Modified Date:08-OCT-12
- Novell Open Enterprise Server
- SUSE Linux Enterprise Server