rharolde> Thanks for the link. Lots of pieces to get working there. Not
rharolde> nearly as simple as TSIG. But good if you are already using
rharolde> Kerberos.
MS active directory is kerberos under the hood. You don't need to run a
classic mit/hesiod KDC to get GSS-TSIG to work. But it is
On Wed, May 13, 2020 at 3:49 PM Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 5/13/20 6:29 AM, Bob Harold wrote:
> > Your ACL looks right. I think Ben has the key - Windows uses GSS-TSIG,
> > not regular TSIG. Not sure how or if that can be solved.
>
> I would bet someone
On 5/13/20 6:29 AM, Bob Harold wrote:
Your ACL looks right. I think Ben has the key - Windows uses GSS-TSIG,
not regular TSIG. Not sure how or if that can be solved.
I would bet someone a coffee and doughnut that it can.
Check out Jan-Piet Mens' article:
Link - RFC 2136 Dynamic DNS Updates
On Wed, May 13, 2020 at 3:20 AM Pete Fry wrote:
> Bob
> thanks for the reply and the correction ( the acl dones't have a ! it was
> a cut and paste error when i was trying to remove some information.
>
> the TSIG works when from other linux machine via nsupdate etc, however i'm
> trying to
All
I've inherited a BIND environment and i'm trying to understand a few things
as currently we are experiences an issue related to DDNS.
we have
site 1
hostA
site 2
hostB
We have a HArecord, and we want HostA or HostB to be able to update the
HArecord (i.e. failover cluster type
5 matches
Mail list logo