nanog mailing list archives
Re: Active Directory requires Microsoft DNS?
From: Rob Austein <sra () isc org>
Date: Sat, 02 Oct 2010 14:03:27 -0400
At Fri, 24 Sep 2010 19:45:09 +0200, Phil Regnauld wrote:
What about dynamic updates of the client ? It's usually not a problem in this direction (Windows client -> BIND DNS), but as you say it won't be secure (GSS-TSIG).
Recent versions of BIND 9 include GSS-TSIG support. It's harder to use than it should be, partly due to lack of documentation (mea culpa), and has some limitations, but does work for the basic task of letting clients (Windows or otherwise) in an Active Directory environment perform DDNS updates using GSS-TSIG authentication. See https://lists.isc.org/pipermail/bind-users/ for recent discussion.
Current thread:
- Re: Active Directory requires Microsoft DNS? Rob Austein (Oct 02)