allow-notify applies to slave zones only and defines a match list, for example, IP address(es), of hosts that are allowed to NOTIFY this server and implicitly update the zone, in addition to those hosts defined in the masters option for the zone. The default behaviour is to allow zone updates only from the masters IP(s).

This statement is mutually exclusive with update-policy and applies to master zones only. The example shows DDNS for three zones: the first disables DDNS explicitly, the second uses an IP-based list, and the third references a key clause.

The term 'masters' here doesn't mean that the servers listed have to have the zone configured as 'master' - it just means that the servers so listed are authoritative for the zone and can provide a zone update if one is requested of them. Slave servers can provide zone updates to other slaves.

The syntax of zone data files lends itself to making mistakes.
The servers are queried in turn - named moves on to the next server in the list if either: On the first SOA received that is bigger than the one that the slave is currently serving, named will initiate a zone transfer with that server.
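
The selection rule described above, as an added example (not code from BIND or from the original page). It compares SOA serials with RFC 1982 serial-number arithmetic, which generalizes "bigger than" to cover 32-bit wraparound. The function names, the `None` marker for a server that returns no SOA, and the 192.0.2.x addresses are assumptions constructed for illustration.

```python
# Added illustration: how a slave could choose which listed server to
# transfer a zone from, based on the SOA serial each one reports.

MOD = 1 << 32    # SOA serial numbers are unsigned 32-bit values
HALF = 1 << 31   # RFC 1982 comparison window


def serial_gt(a, b):
    """Return True if serial a is newer than serial b (RFC 1982).

    A plain a > b breaks when the serial wraps past 2**32 - 1. When the
    two values are exactly 2**31 apart the order is undefined, and this
    function returns False in both directions.
    """
    a %= MOD
    b %= MOD
    return a != b and ((a - b) % MOD) < HALF


def pick_transfer_source(current_serial, masters):
    """Return the address of the first server offering a newer serial.

    masters is an ordered list of (address, serial) pairs. A serial of
    None is an assumed stand-in for a server that gave no SOA answer.
    Returns None when no listed server has newer data, in which case no
    zone transfer is started.
    """
    for address, offered in masters:
        if offered is None:
            continue  # no answer: move on to the next server in the list
        if serial_gt(offered, current_serial):
            return address
    return None


if __name__ == "__main__":
    # Constructed sample data using documentation-range addresses.
    masters = [
        ("192.0.2.1", None),         # did not answer
        ("192.0.2.2", 2024010101),   # same serial the slave already has
        ("192.0.2.3", 2024010102),   # newer serial
    ]
    print(pick_transfer_source(2024010101, masters))
    # Records edited upstream but serial left unchanged: no transfer.
    print(pick_transfer_source(2024010101, [("192.0.2.2", 2024010101)]))
```

The second call shows why a slave cannot track a zone whose serial is not bumped on every change: with an unchanged serial, no server in the list ever qualifies as a transfer source.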
Reason: Administrators could not configure a slave DNS server, as it cannot function properly unless the SOA serial number is changed every time a DNS record is changed.
Result (if any): The bind-dyndb-ldap plugin, used to provision data from the Identity Management DNS tree to the BIND name server, updates the DNS zone SOA serial number every time the DNS zone or one of its records is modified, thus allowing Administrators to configure a slave DNS server for zones managed by Identity Management.
Feature: Automatically increase the SOA serial number when a DNS zone managed by Identity Management, or any record in the zone, is updated.
This feature takes advantage of, and requires, the persistent search data refresh mechanism, which is enabled by default in the Identity Management server install script.