2 Oct
2010
2 Oct
'10
6:03 p.m.
At Fri, 24 Sep 2010 19:45:09 +0200, Phil Regnauld wrote:
What about dynamic updates of the client ? It's usually not a problem in this direction (Windows client -> BIND DNS), but as you say it won't be secure (GSS-TSIG).
Recent versions of BIND 9 include GSS-TSIG support. It's harder to use than it should be, partly due to lack of documentation (mea culpa), and has some limitations, but does work for the basic task of letting clients (Windows or otherwise) in an Active Directory environment perform DDNS updates using GSS-TSIG authentication. See https://lists.isc.org/pipermail/bind-users/ for recent discussion.