During DSfW configuration, you are given the option to install DNS. For the first domain controller (DC) of the forest root domain, this is done by default. For all additional domain controllers (ADC), DNS configuration in OES2SP3 is optional. However, if you need to configure DNS on an ADC after DSfW has been configured on it, this cannot be done using YaST. The script provided here enables you to configure DNS on the ADC after DSfW configuration is complete.
This script can be run on an ADC in scenarios like:
- The ADC was upgraded from OES2SP2 to OES2SP3, and a DNS server is to be configured.
- The ADC is already at the OES2SP3 code level and is not yet configured as a DNS server.
The script does the following operations:
- Configure DNS by running "dns-inst". This installs DNS on the ADC.
- Add the ADC's DNS server object to the forward zone and reverse zone objects in the dNIPZoneServers attribute.
- Add the forward and reverse zone object to the dNIPZoneList attribute of the ADC's DNS server.
- Add the NS record for the ADC's DNS server to the forward zone.
- Update the "DNSSERVER" and "DNS Master" entries in the "xad.ini" configuration file, because they change once DNS is configured on the ADC.
- Update /etc/resolv.conf so that "nameserver" points to the local server IP.
- Restart novell-named. The restart is attempted twice. If the service still does not come up, restart it after the script has finished.
- All the DNS-related contexts and administrator FQDNs are read from the install registry (xad.ini and the XAD::registry Perl module). The passwords are read from environment variables. More information is provided below.
- The execution logs appear on the console and are also written to /var/opt/novell/xad/log/dns_config.log.
The script must be run with the following environment variables set, either by exporting them beforehand or by giving them inline on the command line.
An example of command-line execution of the script:
# NDSEXISTINGADMINPASSWD=<tree-admin-password> DOMAINADMINPASSWD=<domain-admin-password> perl ./configure_dns_adc.pl
The script accepts two environment variables:
NDSEXISTINGADMINPASSWD - Tree Administrator password
- In case of name-mapped (NM), it is the tree administrator password.
- In case of non-name-mapped (NNM), it is the Forest Root Domain (FRD) administrator password.
DOMAINADMINPASSWD - Domain Administrator Password.
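Typed inline as in the command above, both passwords can end up in the shell history. The wrapper below is an added example, not part of configure_dns_adc.pl or of the original article: it prompts for the two passwords with echo disabled and places them only in the environment of the script's process. The function names, the --run switch and the file name dns_adc_prompt.sh are this example's own.

```shell
#!/bin/sh
# Added example (not part of configure_dns_adc.pl). Prompts for the two
# passwords so they are never typed on a command line or saved in history.

# read_secret PROMPT: prompt on stderr, read one line from stdin with
# terminal echo off, print the line on stdout.
read_secret() {
    printf '%s: ' "$1" >&2
    if [ -t 0 ]; then
        saved_tty=$(stty -g)
        trap 'stty "$saved_tty"; exit 130' INT TERM  # restore echo on Ctrl-C
        stty -echo
        IFS= read -r secret || true
        stty "$saved_tty"
        trap - INT TERM
        printf '\n' >&2
    else
        IFS= read -r secret || true   # piped input, e.g. from a test
    fi
    printf '%s' "$secret"
}

# run_dns_config CMD [ARG...]: read both passwords, then run CMD with them
# present only in that one process's environment.
run_dns_config() {
    tree_pw=$(read_secret 'Tree admin (NM) or FRD admin (NNM) password')
    dom_pw=$(read_secret 'Domain administrator password')
    if [ -z "$tree_pw" ] || [ -z "$dom_pw" ]; then
        echo 'error: both passwords are required' >&2
        unset tree_pw dom_pw
        return 1
    fi
    rc=0
    NDSEXISTINGADMINPASSWD=$tree_pw DOMAINADMINPASSWD=$dom_pw "$@" || rc=$?
    unset tree_pw dom_pw
    [ "$rc" -eq 0 ] || echo "failed ($rc); see /var/opt/novell/xad/log/dns_config.log" >&2
    return "$rc"
}

# "--run" is this example's own switch: sh ./dns_adc_prompt.sh --run
if [ "${1:-}" = "--run" ]; then
    run_dns_config perl ./configure_dns_adc.pl
fi
```

While the script runs, the variables remain readable by root and by the invoking user through the process environment, so run it from a session that other users cannot inspect.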
Configuring DNS on an ADC provides a mechanism for load balancing between domain controllers. It also helps when a PDC role transfer or seizure needs to be done: with a DNS server also present on the ADC, the new PDC will be completely functional as a primary domain controller.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.