I am in the process of replacing all the Windows 2003 DCs in our Domain with new Windows 2008 R2 servers. The current setup consists of three domain controllers that use BIND for DNS. The existing DCs update their srv records in DNS dynamicly with no errors. This configuration has been in production for more than 5+ years with no DNS problems.
After promoting one of the Windows 2008 servers, I started seeing multiple DNS dynamic registration failures (event 5774) on the 2008 server only. There is one event logged for each of the 13 srv records that netologon is trying to register. The error value for each event is "Bad DNS packet."
The 2003 DCs are still able to dynamically register with DNS and BIND is configured to allow dynamic updates from the new 2008 DC.
The strange thing is that when I check the DNS server zone files the new 2008 DC is correctly registered in DNS. Also replication works with no errors. The only errors I see in the event log are the 5774 errors.
The BIND server is set to accept non secure updates from only the three old DCs and the three new DCs. Does Windows 2008 only register DNS with DNS servers that only accept secure updates?
Since the DNS records are registered correctly can I ignore the 5774 errors or is there something else that I should look at.
Thanks for any help
↧
BIND DNS and Windows 2008 R2
↧