ISC Bind in Active Directory

Chris Buxton chris.p.buxton at gmail.com
Wed Oct 24 16:00:11 UTC 2012


On Oct 24, 2012, at 6:50 AM, Nicholas F Miller wrote:
> Scavenging is a concern but we didn't have much choice. Our AD is only one of many subdomains and our DHCP spans all of them. If we used DHCP for DDNS records we wouldn't be guaranteed unique names. By limiting DDNS to just the AD we are guaranteed unique names. We only needed DDNS in our AD so it made the most sense to use GSS-TSIG.

So let the client specify the DDNS domain name, in the DHCP transaction. Or just hard-code a DDNS domain name into each subnet, possibly varying by subnet. Or do both -- use the client-supplied value if one is supplied, or else use the default.

Bear in mind, I'm not saying client updates are necessarily bad, only that you could have done it the other way.

Chris Buxton
BlueCat Networks


More information about the bind-users mailing list