BIND, Active Directory, DDNS, with no Microsoft DNS

Kathy Kost kathyk at
Fri Dec 27 18:35:01 UTC 2002

> Take a look at Cricket Liu's latest book (DNS & BIND Cookbook) .
> There are recipes in there describing how to do this.  Your windows
> admin is probably thinking of setting up the _udp, _tcp, _mcdcs and
> _sites sub-domains under

Thanks for the reply, Rob.  I have been looking at that book and I
have those subdomains already defined.  I was mostly curious if anyone
has been allowing the Win2000 clients to update via DDNS to a BIND
server instead of to an AD server with DNS (inside of a subdomain).  
This to try and avoid using DNS on the Microsoft side and just stick
with BIND.  

> By the way, you don't lose TSIG.  MS DNS does not support TSIG.
> Dynamic updates under windows use GSSTSIG, which is a different beast.
> You are probably right, BIND will probably support GSSTSIG at some
> point.  There are, however, known standard definition problems between
> the two windows implementations of GSSTSIG.

Oops, I was afraid I was mixing up TSIG with GSSTSIG.  Thanks for
setting me straight there. :-)


More information about the bind-users mailing list