Absolutely. Thank you.
I think, this is the ddns feature, that they would like to use instead of notorious WINS services in Active Directory, but why they enable this by default ? We have about 50 mobile users with laptops traveling, everyone has domain suffix xxxxxx.com, so they all try to update our DNS server with their names. I even can not close this in the firewall, because this use udp 53 .....
Best Regards.
Evgeny.
-----Original Message-----
From: Amir Sela [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 23, 2002 1:22 PM
To: FW Admin
Cc: Linux-IL
Subject: Re: Strange Bind messages
On Wednesday 23 October 2002 10:55, FW Admin wrote:
> Hello list,
>
>
> I have significant amount of the below messages in /var/log/messages for
> Bind:
>
> client 10.106.3.15#3771: updating zone 'xxxxxx.com/IN': update failed:
> 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET): 1
> Time(s)
>
>
> All the clients are the internal w2k machines, and i have about 10 IPs.
> What "update" stands for ? It is not zone transfer. Also, i did not find
> anything suspicious on the client machines at least none has DNS server
> installed :-)
>
>
>
Hello FW(Or is it Mr. Admin?),
I would assume what you're seeing in the logs is the failed attempts of your
client machine's DNS update messages. This is of course, not a Bind issue,
but a W2k issue. The W2k workstations, being naturally insecure about
themselves, want to see their hostnames in your Bind DB files (Much like
young hoodlums spraying their names on public walls).
Uncheck the "Register this machine's name in the DNS"(or something similar to
that line) checkbox in the Advanced TCP/IP propetries's DNS tab.
Amir.
************************************************************************************************** ** eSafe-IL scanned this outgoing email for viruses, vandals and malicious content ** **************************************************************************************************