Настройка bind для AD

[darzanebor]

http://www.lissyara.su/?id=1714 - по этой статье пытался настроить bind9 для использования с Active Directory...
У кого получилось?
А то у меня Windows на днс ругается при попвтке в домен завести комп...

[darzanebor]

named.conf.local

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

//view "my_local" {
//match-clients { 192.168.0.0/25; 10.0.0.0/8; localhost; 127.0.0.1; };

acl AD-Servers {
        192.168.0.98;
};

// Active Directory - _msdcs
zone "_msdcs.muffs.lan" {
        type master;
        allow-update {AD-Servers;};
        check-names ignore;
        file "dynamic/_msdcs.muffs.lan";
};

// Active Directory - _sites
zone "_sites.muffs.lan" {
        type master;
        allow-update {AD-Servers;};
        check-names ignore;
        file "dynamic/_sites.muffs.lan";
};

// Active Directory - _tcp
zone "_tcp.muffs.lan" {
        type master;
        allow-update {AD-Servers;};
        check-names ignore;
        file "dynamic/_tcp.muffs.lan";
};

// Active Directory - _udp
zone "_udp.muffs.lan" {
        type master;
        allow-update {AD-Servers;};
        check-names ignore;
        file "dynamic/_udp.muffs.lan";
};

// Active Directory - DomainDnsZones
zone "DomainDnsZones.muffs.lan" {
        type master;
        allow-update {AD-Servers;};
        check-names ignore;
        file "dynamic/DomainDnsZones.muffs.lan";
};

// Active Directory - ForestDnsZones
zone "ForestDnsZones.muffs.lan" {
        type master;
        allow-update {AD-Servers;};
        check-names ignore;
        file "master/ForestDnsZones.muffs.lan";
};
//LOCAL ZONES
zone "muffs.lan"   {
   type master;
   allow-update{
      AD-Servers;
   };
          file "/etc/bind/db.muffs.lan";
};

zone "0.168.192.in-addr.arpa" in   {
          type master;
        allow-update {
      AD-Servers;
   };   
   file "/etc/bind/0.168.192.in-addr.arpa";
};

папка dynamic

$ORIGIN .
$TTL 86400      ; 1 day
_msdcs.muffs.lan       IN SOA  ns1.muffs.lan. root.ns1.muffs.lan (
                                200110230  ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                2419200    ; expire (4 weeks)
                                86400      ; minimum (1 day)
                                )
                        NS      ns1.muffs.lan.
$ORIGIN _msdcs.muffs.lan.

$ORIGIN .
$TTL 86400      ; 1 day
_sites.muffs.lan       IN SOA  ns1.muffs.lan. root.ns1.muffs.lan. (
                                200110223  ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                2419200    ; expire (4 weeks)
                                86400      ; minimum (1 day)
                                )
                        NS      ns1.muffs.lan.
$ORIGIN _tcp.Default-First-Site-Name._sites.muffs.lan.

$ORIGIN .
$TTL 86400      ; 1 day
_tcp.muffs.lan         IN SOA  ns1.muffs.lan. root.ns1.muffs.lan. (
                                200110224  ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                2419200    ; expire (4 weeks)
                                86400      ; minimum (1 day)
                                )
                        NS      ns1.muffs.lan.
$ORIGIN _tcp.muffs.lan.

$ORIGIN .
$TTL 86400      ; 1 day
_udp.muffs.lan         IN SOA  ns1.muffs.lan. root.ns1.muffs.lan. (
                                200110224  ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                2419200    ; expire (4 weeks)
                                86400      ; minimum (1 day)
                                )
                        NS      ns1.muffs.lan.
$ORIGIN _udp.muffs.lan.

$ORIGIN .
$TTL 86400      ; 1 day
DomainDnsZones.muffs.lan    IN SOA  ns1.muffs.lan. root.ns1.muffs.lan. (
                                200110220  ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                2419200    ; expire (4 weeks)
                                86400      ; minimum (1 day)
                                )
                        NS      ns1.muffs.lan.
$ORIGIN DomainDnsZones.muffs.lan.

Папка master

$ORIGIN .
$TTL 86400      ; 1 day
ForestDnsZones.muffs.lan    IN SOA  ns1.muffs.lan. root.ns1.muffs.lan. (
                                200110220  ; serial
                                28800      ; refresh (8 hours)
                                7200       ; retry (2 hours)
                                2419200    ; expire (4 weeks)
                                86400      ; minimum (1 day)
                                )
                        NS      ns1.muffs.lan.
$ORIGIN ForestDnsZones.muffs.lan.

Ну и до кучи smb.conf

[global]
netbios name = server
server string = server
workgroup = muffs.lan
security = user
hosts allow = 127. 192.168.0.
interfaces = 127.0.0.1/8 192.168.0.0/25
bind interfaces only = yes
remote announce = 192.168.0.127
remote browse sync = 192.168.0.127
printcap name = cups
load printers = no
cups options = raw
printing = cups
guest account = smbguest
log file = /var/log/samba/samba.log
max log size = 1000
null passwords = no
username level = 6
password level = 6
encrypt passwords = yes
unix password sync = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = no
domain master = no
preferred master = no
domain logons = no
os level = 64
logon drive = m:
logon home = \\%L\homes\%u
logon path = \\%L\profiles\%u
logon script = %G.bat
time server = no
name resolve order = wins lmhosts bcast
wins support = no
wins proxy = no
dns proxy = no
preserve case = yes
short preserve case = yes
client use spnego = no
client signing = no
client schannel = no
server signing = no
server schannel = no
nt pipe support = yes
nt status support = yes
allow trusted domains = no
obey pam restrictions = yes
enable spoolss = yes
client plaintext auth = no
disable netbios = no
follow symlinks = no
update encrypted = yes
pam password change = no
passwd chat timeout = 120
hostname lookups = no
username map = /etc/samba/smbusers
smb passwd file = /etc/samba/smbpasswd
passwd program = /usr/bin/passwd '%u'
passwd chat = *New*password* %n\n *ReType*new*password* %n\n *passwd*changed*\n
add user script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null '%u'
add user to group script = /usr/sbin/useradd -d /dev/null -c 'Samba User Account' -s /dev/null -g '%g' '%u'
add group script = /usr/sbin/groupadd '%g'
delete user script = /usr/sbin/userdel '%u'
delete user from group script = /usr/sbin/userdel '%u' '%g'
delete group script = /usr/sbin/groupdel '%g'
add machine script = /usr/sbin/useradd -d /dev/null -g sambamachines -c 'Samba Machine Account' -s /dev/null -M '%u'
machine password timeout = 120
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /dev/null
winbind use default domain = yes
winbind separator = @
winbind cache time = 360
winbind trusted domains only = yes
winbind nested groups = no
winbind nss info = no
winbind refresh tickets = no
winbind offline logon = no

[homes]
comment = Home Directories
path = /home2/%U
read only = no
available = yes
browseable = yes
writable = yes
guest ok = no
public = no
printable = no
share modes = no
locking = no

[netlogon]
comment = Network Logon Service
path = /home2/netlogon
read only = no
available = yes
browseable = yes
writable = no
guest ok = no
public = no
printable = no
share modes = no
locking = no

[profiles]
comment = User Profiles
path = /home2/profiles
read only = no
available = yes
browseable = no
writable = yes
guest ok = no
public = no
printable = no
locking = no
create mode = 0600
directory mask = 0700

[printers]
comment = All Printers
path = /var/spool/samba
browseable = yes
writable = no
guest ok = no
public = no
printable = yes
share modes = no
locking = no

ldap не использую хочу хранить их локально на убунте как простых юзверей!!!

[darzanebor]