On Sun, 2012-10-14 at 15:31 -0700, Matthieu Patou wrote: > On 10/14/2012 03:17 PM, Andrew Bartlett wrote: > > On Sun, 2012-10-14 at 15:02 +0000, Steve wrote: > >> Is it possible to change from the internal name server to BIND once you've > >> provisioned a domain? > >> > >> I set mine up with the internal since it seemed easier, but then discovered > >> the only way for my DHCP clients to update their names in DNS is via BIND, > >> so I'd rather use that instead. > > I'm not sure it will work anyway, but you are welcome to try. I think > > we would need some more code to correctly accept TKEY requests in the > > same way the internal DNS server accepts unauthenticated requests (write > > them 'as system'). > Which kind of updates the internal is able to handle tsig only ?
I'm having trouble parsing that, but yes, additional patches are required to have the internal DNS server accept static keys. We would need a key storage mechanism, and then code to implement that TSIG method. I think it would be a very valuable improvement. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
