use nsupdate to secure update windows DNS
Kevin Darcy
kcd at daimlerchrysler.com
Fri Dec 2 23:41:26 UTC 2005
Jacky wrote:
>Hi,
>
>I read a message back in 08/2004 about BIND was not implemented to "only
>secure updates" to windows DNS server.
>
>Does anyone know any linux client that can "secure updates" a
>AD-integrated windows DNS server?
>
Well, what exactly are you trying to accomplish here? Lucent's QIP
product has the ability to perform Secure Dynamic Updates in the
Microsoft flavor, and it runs on Linux, but it wouldn't really be
cost-effective, I don't think, to e.g. run separate instances of QIP on
dozens of Linux workstations just so they can register their dynamic IPs
in an AD domain. If you're just looking to push some arbitrary
information securely into an AD-integrated DNS domain, you might be
better off looking at the (Kerberized) LDAP side of things, since (as I
understand it, at least) that's the backend information store for AD
anyway, with DNS just being "published" from that LDAP data.
- Kevin
More information about the bind-users
mailing list