ActiveDirectory dynamic dns updates to bind9?

Barry Finkel b19141 at achilles.ctd.anl.gov
Mon Aug 25 14:04:12 UTC 2003


>"Jonathan de Boyne Pollard" <J.deBoynePollard at tesco.net> wrote:
>> Either switch from using the DNS and DHCP servers on your Linux machine to
>> using Microsoft's DNS and DHCP servers, or remove the requirement that Dynamic
>> DNS updates coming (or purporting to come) from your Windows Domain Controller
>> be authentic.

"Thomas Jachmann" <hoto99 at gmx.de> replied:

>OK - I implemented an IP based ACL for the zones ActiveDirectory has to
>update. This actually should work - I tested modifying the zones with
>nsupdate without specifying a key but coming from the right IP. This worked.
>But Windows still doesn't modify the zones... must be some error on the
>Windows side, since it says that it cannot update the zones - anyone
>experience with this? Netlogon prints warning ID 5781 to the system log. But
>this is off topic, right? :)

Are there any DDNS error messages on the BIND master?  Are the DDNS
requests getting to the master?  I would suggest a network sniffer
on the BIND side to see exactly what, if any, packets are getting to
the BIND master.

I do not consider the topic of BIND/W2k AD off-topic for this list.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Instrumentation Solutions Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994
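
Added example, not part of the original message: one way to check, from DNS payloads already extracted from a capture on the BIND side, whether dynamic update requests are arriving and what response code the master sends back. The function names, the zone example.test. and the sample payloads are constructed for illustration; only the 4-bit header RCODE is decoded.

```python
import struct

OPCODE_UPDATE = 5  # RFC 2136 dynamic update
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 5: "REFUSED",
          9: "NOTAUTH", 10: "NOTZONE"}

def read_name(msg, off):
    """Decode an uncompressed name; the zone name is the first name in the
    message, so it cannot legitimately be a compression pointer."""
    labels = []
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        length = msg[off]
        off += 1
        if length == 0:
            return ".".join(labels) + ".", off
        if length & 0xC0 or off + length > len(msg):
            raise ValueError("bad label")
        labels.append(msg[off:off + length].decode("ascii", "replace"))
        off += length

def summarize_update(msg):
    """Return a summary dict for a DNS UPDATE message, or None for other opcodes."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    ident, flags, zocount, prcount, upcount, adcount = struct.unpack("!6H", msg[:12])
    if (flags >> 11) & 0xF != OPCODE_UPDATE:
        return None
    zone = read_name(msg, 12)[0] if zocount == 1 else None
    rcode = flags & 0xF
    return {"id": ident, "response": bool(flags & 0x8000), "zone": zone,
            "rcode": RCODES.get(rcode, str(rcode)),
            "prereqs": prcount, "updates": upcount, "additional": adcount}

# Constructed sample payloads (not captured traffic): one update request,
# a REFUSED reply to it, and an ordinary query for contrast.
def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\0"

ZONE = encode_name("example.test.") + struct.pack("!2H", 6, 1)  # type SOA, class IN
SAMPLE_REQUEST = (struct.pack("!6H", 0x1A2B, 0x2800, 1, 0, 1, 0) + ZONE + b"\xc0\x0c"
                  + struct.pack("!2HIH", 1, 1, 600, 4) + bytes([192, 0, 2, 10]))
SAMPLE_REFUSED = struct.pack("!6H", 0x1A2B, 0xA805, 1, 0, 0, 0) + ZONE
SAMPLE_QUERY = (struct.pack("!6H", 1, 0x0100, 1, 0, 0, 0)
                + encode_name("example.test.") + struct.pack("!2H", 1, 1))

if __name__ == "__main__":
    for payload in (SAMPLE_REQUEST, SAMPLE_REFUSED, SAMPLE_QUERY):
        print(summarize_update(payload))
```

If no UPDATE messages show up at all, the requests are not reaching the master; if they do and the reply carries REFUSED or NOTAUTH, the update is arriving and being rejected by the server.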