DNS update via dhcp and static entries

Norman Zhang norman.zhang at rd.arkonnetworks.com
Fri Oct 8 16:32:13 UTC 2004


>>I'm just pointing out there is a case where a static IP wants to do
>>DDNS. There are lots of entries that AD needs to associate with
>>in DNS.
> 
> You can override this behaviour of the Win2003-Server in the registry, so
> it will stop writing its own static DNS entry every two(?) hours.

Yeah. They set the TTL to 2 hours.

> The Service-Entries for the AD are something completely different. My
> suggestion is to create subdomains (_mscds, _sites, _udt and _tcp) for
> which you give the Win2003-Server write-permission.

Thanks. Very good idea indeed. Do you have a sample handy? 8)

> Unfortunately Windows cannot do TSIG (M$ implemented GSS-TSIG so it's
> incompatible with all non-MS servers) so you have to use the IP address of the
> server.

I'm not familiar with TSIG. Is GSS-TSIG a requirement for AD? That may 
explain some of the LDAP errors I'm seeing on Windows Server 2003. E.g.,

Event Type:    Error
Event Source:    MSADC
Event Category:    LDAP Operations
Event ID:    8026
Date:        9/30/2004
Time:        2:37:18 PM
User:        N/A
Computer:    EXCH2003
Description:
LDAP Bind was unsuccessful on directory exch2003.arkon-group.com for 
distinguished name ''. Directory returned error:[0x34] Unavailable.

Perhaps it is best that I set up MS DNS to grab updates from BIND?

Regards,
Norman
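
A sample of the layout suggested in the quoted reply, added here as an illustration and not taken from either poster: a BIND 9 named.conf fragment in which the main zone refuses dynamic updates and only the AD service subdomains accept them, from the domain controller's address. The domain example.com, the address 192.0.2.10 and the file paths are placeholders; the zone labels follow Active Directory's own names (_msdcs, _sites, _tcp, _udp).

```conf
// Added example (BIND 9 named.conf fragment). example.com, 192.0.2.10 and
// the file paths are placeholders, not values from this thread.

acl "ad-dc" { 192.0.2.10; };          // assumed address of the Win2003 DC

// Main zone: static records only, nobody may update it dynamically.
// Its zone file needs NS records delegating the four child zones below.
zone "example.com" {
    type master;
    file "master/example.com.db";
    allow-update { none; };
};

// AD service subdomains: the only zones the DC is allowed to write.
// Keep their files in a directory named can write to (journal files).
zone "_msdcs.example.com" {
    type master;
    file "dynamic/_msdcs.example.com.db";
    allow-update { "ad-dc"; };
    check-names ignore;               // AD also registers A records here
};

zone "_sites.example.com" {
    type master;
    file "dynamic/_sites.example.com.db";
    allow-update { "ad-dc"; };
};

zone "_tcp.example.com" {
    type master;
    file "dynamic/_tcp.example.com.db";
    allow-update { "ad-dc"; };
};

zone "_udp.example.com" {
    type master;
    file "dynamic/_udp.example.com.db";
    allow-update { "ad-dc"; };
};
```

The ACL matches on source address only, so keeping `allow-update { none; }` on the parent zone is what limits a spoofed update to the service subdomains. `named-checkconf` will validate the fragment before a reload.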

