Req: Total beginners help - Win Q.
Danny Mayer
mayer at gis.net
Wed Dec 21 18:06:29 UTC 2005
Techie wrote:
> Problems solved.
>
> I figure out, after some testing and crawling and digging that the user
> account "named" as entered into windows upon setup is faulty and does not
> allow the running of the named.exe as a service.
>
> The solution was really simple.
>
> Set BIND to run as a local account service instead, once logged in as admin
> on the Windows box and the issue is resolved.
>
> This works for Windows XP Pro at least.
>
No, this is really bad. The named account was set up to run BIND with
only the privileges needed to run. What you did gave it all privileges.
What's wrong is that you left the password empty and a account for a
service must have a password.
> How it would impact something like Windows 2000 Server or Windows 2003 is
> yet to be seen, but since those two are more server oriented, it is likely
> to work with the named. user account on those.
>
See above.
> Also unknown still is the security precautions of this setup however
> running double software firewalls and one hardware firewall should take
> care of that problem for the time being.
>
This means nothing. Security is more than just a firewall. You just
bypassed the security. I had good reasons for implementing this the way
I did.
Danny
More information about the bind-users
mailing list