Hello, I have a problem with secure update via BIND 9.5 against Windows 2003 SP2 Dynamic DNS service. DNS server is rejecting the updates. (Secure Updates from MS clients works fine.)
I did these steps: * GSS support was compiled (compiler gcc) * linked against AIX 5.3 Kerberos libaries and MIT Kerberos 1.6.3 (with none of them it works) - update is tried as domain admin, and option '-o' activates the Microsoft implementation of GSS protocol #> kinit #> nsupdate -o > update add test123.test.hu 86400 A 10.144.164.100 > send - DNS server replies with: ; TSIG error with server: tsig verify failure update failed: REFUSED In the network trace I see that the TKEY is negotiated successfully but the update will be refused. Could someone help me please how to set up secure DDNS against Windows DNS via NSUPDATE? Thanks in advance. Best Regards, Arpad ______________________________________________________________________ Könyvszerda 30% kedvezménnyel! HVG, Typotex és Tinta kiadók könyveinek teljes kínálata. http://bookline.hu/control/news?newsid97&tabname=book&affiliate=frekszkar6632
