Re: Yet another GSS-TSIG thread for BIND9 with AD

2020-06-12 Thread Vinícius Ferrão via bind-users 
Hi Tim, sorry foi the delayed answer, but the message was gone to the spam 
folder.

I tried with your settings but the results were the same:

==> /var/log/named/update.log <==
12-Jun-2020 23:14:42.767 client @0x7f2c580a1ca0 192.0.2.11#55332: updating zone 
'local.example.com/IN': prerequisites are OK
12-Jun-2020 23:14:42.767 client @0x7f2c580a1ca0 192.0.2.11#55332: updating zone 
'local.example.com/IN': rolling back

==> /var/log/named/default.log <==
12-Jun-2020 23:14:42.767 client @0x7f2c580a1ca0 192.0.2.11#55332: update 
'local.example.com/IN’ denied


On 24 May 2020, at 02:39, Tim Maestas 
mailto:tmaesta...@gmail.com>> wrote:



On Sat, May 23, 2020 at 12:19 PM Vinícius Ferrão via bind-users 
mailto:bind-users@lists.isc.org>> wrote:

grant * subdomain local.example.com. 
ANY;
};
};



I use:
grant LOCAL.EXAMPLE.COM ms-self .;
...for my domain joined members and
grant HOSTNAME$@LOCAL.EXAMPLE.COM subdomain 
local.example.com ANY;
for my domain controllers.


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Another DoT client (python)

2020-06-12 Thread Fred Morris 
Hello, I've written a DoT forwarder to be run locally on for example a
laptop in python: https://github.com/m3047/tcp_only_forwarder

  * python3 asyncio
  * standard modules only
  * no make, no binaries
  * one source file
  * 53 LOC (the irony!)

I wrote this a few weeks ago as a DNS-over-Plain-TCP (DoPT) forwarder
(see the README for why), but it was trivial to add TLS support.

--

Fred Morris


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users