On 12/14/2011 2:36 PM, Vbvbrj wrote: > Hello. > > I've setup BIND to serve the requests to lan instead of Microsoft DNS by > first setting bind as a secondary dns server for Microsoft DNS, copy the > zones, and making the BIND the master. In order for domain member hosts > to update the records of the their names in dns, I allow unsecure > updates from the lan computers. It's a security thread of poisoning the > dns. I would like to setup up a secure by the domain servers. On the > internet I read about using "allow-update" with a key file. But I didn't > found a page on how to get the key from the Active Directory kerberos > system. Could any one point on setting the secure update to bind with > key from the already deployed Active Directory? > > The BIND is running under the windows.
GSS-TSIG is not implemented for BIND9 on Windows. Danny _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
