Environment
Open Enterprise Server 11 (OES11)
Open Enterprise Server 11.1 (OES11SP1)
DSfW
Domain Services for Windows
Novell DNS
Open Enterprise Server 11.1 (OES11SP1)
DSfW
Domain Services for Windows
Novell DNS
Situation
DNS zone (Domain name) foo.com is already used in production
DSfW server (new forest and domain) was installed with the name of foo.com
Both DNS servers are running Novell DNS
DSfW server (new forest and domain) was installed with the name of foo.com
Both DNS servers are running Novell DNS
Resolution
To perform a zone transfer do the following:
- Log into the DNS/DHCP Management Console
- There should be two foo.com zones listed. Click on the zone belonging to the DSfW server.
note: if there is only one foo.com zone listed then most likely there are two DNS-DHCP locator objects. Follow KB 7010886 to discover all locator objects. Start the DNS/DHCP Management Console with the -c parameter followed by the FDN for the context of the DNS-DHCP locator object.
Example for the default DSfW locator object with the domain mapped to the o=novell container.
Click the "add" button and enter: -c ou=OESSystemObjects,o=novell - The DSfW server will be listed as the Authoritative and Primary DNS Server. If the existing (non DSfW server) is listed as Authoritative and Primary DNS server close the DNS/DHCP Management Console and open again selecting the second foo.com zone. If the second foo.com zone is selected after viewing the first foo.com, nothing will be displayed.
- Copy the update-policy on the DSfW-DNS server. After selecting the correct Zone click on Control lists Tab. The update-policy of 'grant * sam * A SRV PTR AAAA Key' will be listed. Make a copy of it in your favorite text editor then remove the policy from the DSfW server. The update-policy is only allowed on a primary zone, not a secondary zone. Be sure to save the change by either selecting another zone or clicking on the icon to save.
- Go to the Attributes Tab and change the zone type from Primary to Secondary on the DSfW created zone, specifying the IP Address or Server name of the Pre-existing Novell DNS server.
- Restart DNS (rcnovell-named restart) to initiate the Zone Transfer. The Zone Transfer will complete and all resource records will be merged to the secondary DNS server.
- Log back into the DNS/DHCP Management Console, select the foo.com zone, and designate the DSfW DNS server to be Primary for the zone.
- Click on the Control Lists and add the update-policy of 'grant * sam * A SRV PTR AAAA Key' back. Use an ldif file to add the update policy. Below is an example, replace <zonename> with the zone you in your tree and <context> with the proper context
dn: <zonename>,<context>
changetype: modify
add: dNIPUdatePolicy
dNIPUdatePolidy: grant * sam * A SRV AAAA KEY
Then do a ldapmodfy
LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf ldapserach -Y EXTERNAL -f policyupdate.ldif
Additional Information
The update-policy of 'grant * sam * A SRV PTR AAAA Key' is needed for the domain to perform dynamic DNS (DDNS) for workstations joining the domain. All workstations need to have an A record.
If DDNS is already configured using DHCP or all workstation have a static address and correct A record this setting might not be necessary.
If DDNS is already configured using DHCP or all workstation have a static address and correct A record this setting might not be necessary.