unapproved update from ...
Kevin Darcy
kcd at daimlerchrysler.com
Fri Jun 30 00:57:05 UTC 2000
Serkan AKCIN wrote:
> My windows 2000 server (Primary domain controller and Active Directory
> installed)
> triyng to update DNS registry.
>
> Error...............
> Jun 29 14:36:18 ankara named[1948]: unapproved update from
> [193.140.164.68].1304 for baskent.edu.tr
>
> How can I prevent this?
Do you want to a) allow the updates, b) keep denying the updates, but
without logging the denials, or c) prevent the actual update attempts?
a) turn on "allow-update". But if you do this: 1) there are serious
security implications, and 2) you won't be able to have $INCLUDE or
$GENERATE or other kinds of directives in the zonefiles because they get
overwritten by the Dynamic Update mechanism; ditto for manual updates, so
you're basically committed to using Dynamic Update for *all* changes to
the zones.
b) create a customized "logging" statement.
c) talk to your Windows 2000 implementors. This option may require
threats of bodily harm.
- Kevin
More information about the bind-users
mailing list