Mark Andrews wrote: > In message <[EMAIL PROTECTED]>, arpad bind writes > : >> Hello, >> >> >> I have a problem with secure update via BIND 9.5 against Windows 2003 SP2 Dy >> namic DNS service. DNS server is rejecting the updates. (Secure Updates from >> MS clients works fine.) >> >> >> >> I did these steps: >> >> * GSS support was compiled (compiler gcc) >> >> * linked against AIX 5.3 Kerberos libaries and MIT Kerberos 1.6.3 (with none >> of them it works) >> >> - update is tried as domain admin, and option '-o' activates the Microsoft i >> mplementation of GSS protocol >> >> #> kinit >> >> #> nsupdate -o >> >>> update add test123.test.hu 86400 A 10.144.164.100 >>> send >> - DNS server replies with: >> >> ; TSIG error with server: tsig verify failure >> >> update failed: REFUSED >> >> In the network trace I see that the TKEY is negotiated successfully but the >> update will be refused. >> >> Could someone help me please how to set up secure DDNS against Windows DNS v >> ia NSUPDATE? >> >> Thanks in advance. >> >> Best Regards, >> >> Arpad > > That's a matter of finding the right Windows documentation > which describes how to allow a particular principal to update > the DNS. When you find it please let us know. > > Mark
I believe that the system in question needs to be a member of the AD Domain as a host. Danny
