BIND for Active directory with secure update
vbvbrj at gmail.com
Wed Dec 14 19:36:00 UTC 2011
I've setup BIND to serve the requests to lan instead of Microsoft DNS by
first setting bind as a secondary dns server for Microsoft DNS, copy the
zones, and making the BIND the master. In order for domain member hosts
to update the records of the their names in dns, I allow unsecure
updates from the lan computers. It's a security thread of poisoning the
dns. I would like to setup up a secure by the domain servers. On the
internet I read about using "allow-update" with a key file. But I didn't
found a page on how to get the key from the Active Directory kerberos
system. Could any one point on setting the secure update to bind with
key from the already deployed Active Directory?
The BIND is running under the windows.
Please someone help me.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users