Re: Active Directory requires Microsoft DNS?

[Rob Austein <sra () isc org>]

At Fri, 24 Sep 2010 19:45:09 +0200, Phil Regnauld wrote:
>       What about dynamic updates of the client ?  It's usually not
>       a problem in this direction (Windows client -> BIND DNS), but as you
>       say it won't be secure (GSS-TSIG).

Recent versions of BIND 9 include GSS-TSIG support.  It's harder to
use than it should be, partly due to lack of documentation (mea
culpa), and has some limitations, but does work for the basic task of
letting clients (Windows or otherwise) in an Active Directory
environment perform DDNS updates using GSS-TSIG authentication.

See https://lists.isc.org/pipermail/bind-users/ for recent discussion.