ActiveDirectory dynamic dns updates to bind9?

Ladislav Vobr lvobr at ies.etisalat.ae
Fri Aug 22 14:16:10 UTC 2003


Bind supports TSIG MD5 and SIG(0) public/private key signatures for
dynamic update, Windows secure updates uses different proprietary gss-tsig.

Ladislav


Rene Mathis wrote:

>BIND only supports unsecure dynamic Updates. You have to switch your 
>DHCP Server to send unsecure updates to the BIND dns server.
>The only way to secure your zone is to implement an access control list.
>
>The only one name servers I know that supports secure dynamic updates 
>from Windows Systems are the Windows DNS Service if it is active 
>directory integrated or the Lucent BIND Name Server which comes with 
>VialQIP.
>
>Rene
>
>Thomas Jachmann wrote:
>  
>
>>I have a Windows 2000 ActiveDirectory domain controller. It doesn't have DNS
>>or DHCP installed. Those services run on a debian woody linux server. The
>>DHCP server does dynamic updates to DNS using secure dynamic updates. The
>>Domain Controller wants to register some host names with DNS but fails to do
>>so because it can't authenticate properly to the DNS server. Has anyone
>>managed to set up such a configuration?
>>
>>Regards,
>>Thomas
>>
>>
>>
>>    
>>
>
>
>
>  
>




More information about the bind-users mailing list