BIND 8.2.2P5, Windows 2000, and security
Delmer Harris
dharris at kcp.com
Mon May 1 19:26:37 UTC 2000
I am running 8.2.2P5 on Solaris 2.7 in a test setup, trying to support
Windows
2000 for our server development group. I have allowed updates from the
domain
controllers and thought all was well. Now the Windows 2000 server group
tells
me I must allow updates from all workstations as well. This goes against
my
security instincts, as I don't trust all the workstations on our network.
My questions are to anyone who has tried to support Windows 2000 from a
Un*x
DNS.
Do I really need to allow every workstation to update DNS?
If I do, what would I gain by creating a subdomain for Windows 2000 and
letting
the server group maintain the DNS for that subdomain. I think I would
still
have all those entries propagated to my DNS servers.
Thanks.
More information about the bind-users
mailing list