Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.protocols.dns.bind > #15749

Re: TSIG DDNS and windows clients

Path csiph.com!xmission!news.snarked.org!news.linkpendium.com!news.linkpendium.com!panix!usenet.stanford.edu!not-for-mail
From Grant Taylor <gtaylor@tnetconsulting.net>
Newsgroups comp.protocols.dns.bind
Subject Re: TSIG DDNS and windows clients
Date Wed, 13 May 2020 13:49:36 -0600
Lines 110
Approved bind-users@lists.isc.org
Message-ID <mailman.398.1589399371.942.bind-users@lists.isc.org> (permalink)
References <CACRkVfbZyNWdVh_1mDtn574tVTN9d2xX3h2YZ8Y7b2chKiZeGQ@mail.gmail.com> <CA+nkc8A0=QAgcq_TFaAPV0Amp7VaoA9SCgEUVpCHfXzz_Ey+CA@mail.gmail.com> <CACRkVfb1xQv5Ln2Jq0NwGhzBa85RgT19yAZ=EQysQsi=t1YQ1w@mail.gmail.com> <CA+nkc8DifnYuaXJeMN_zfBPedZLyudA=gaWNsvoEFg6tkYmFxg@mail.gmail.com> <986e9f10-57c7-0f4f-4970-29b2055030c4@tnetconsulting.net>
NNTP-Posting-Host lists.isc.org
Mime-Version 1.0
Content-Type multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms040909050407040108060207"
X-Trace usenet.stanford.edu 1589399388 26237 149.20.1.60 (13 May 2020 19:49:48 GMT)
X-Complaints-To action@cs.stanford.edu
To bind-users@lists.isc.org
Return-Path <gtaylor@tnetconsulting.net>
X-Original-To bind-users@lists.isc.org
Delivered-To bind-users@lists.isc.org
ARC-Filter OpenARC Filter v0.1.0 tncsrv06.tnetconsulting.net 04DJnaGH015624
Authentication-Results tncsrv06.tnetconsulting.net; arc=none header.d=tnetconsulting.net
ARC-Seal i=1; a=rsa-sha256; d=tnetconsulting.net; s=2015; t=1589399379; cv=none; b=ftyx7laALzvu23LxXIugWEevaqAQlLRhPgmRagYiCTv2uZ6JhpR4CH51gi96lM5FnrytjGCgXFMb5m+drOxYD18mKcYxbZEy+hBnVU5AT+cs9haLiSgmyBoudAm6v6Ek/5GUWax7g8owfp31yJ+Ebij/Ew9xjZrnKMcDv4Cb9Sc=
ARC-Message-Signature i=1; a=rsa-sha256; d=tnetconsulting.net; s=2015; t=1589399379; c=relaxed/simple; bh=j7jf1HO9lOS2bhs+NDdeYEeHpKi+RaWbBG19eejKyc4=; h=DKIM-Signature:Subject:To:From:Message-ID:Date:User-Agent: MIME-Version:Content-Type; b=APW6qxSkZdsCWNZa/tzthOyCAsYKWkLWDRHMaSnBPi75W5mb/dc5Lng2D9BusPAq/dC4cZ89MHOAYtZGyZX9Qn79sClkYYojKsnrZCzZcMDFimLy2ninCLk4tezoM4Qlqhp6Yhn+g2Jh9hr8f03Qmfnd1A6DZeQOh1U4456Ux8w=
ARC-Authentication-Results i=1; tncsrv06.tnetconsulting.net; none
DKIM-Signature v=1; a=rsa-sha256; c=simple/simple; d=tnetconsulting.net; s=2019; t=1589399379; bh=j7jf1HO9lOS2bhs+NDdeYEeHpKi+RaWbBG19eejKyc4=; h=Subject:To:References:From:Message-ID:Date:User-Agent: MIME-Version:In-Reply-To:Content-Type:Cc:Content-Disposition: Content-Language:Content-Transfer-Encoding:Content-Type:Date:From: In-Reply-To:Message-ID:MIME-Version:References:Reply-To: Resent-Date:Resent-From:Resent-To:Resent-Cc:Sender:Subject:To: User-Agent; b=yI5SvuK3okVeqETQREckNRgiE8KcnU40nAawLVo77s24iUj1WBMBGmXkJY4PAuoj+ 4tbqMaE1nO+dWbMlo7n6uBlY/bbBNOUwf3PUytDo5sG9jKcUpC9vg1uruzBK+rNr19 iBxLSu8TNtxQkv+C86O9bKqQ6CStV4SXU01ZnKh4=
User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:68.0) Gecko/20100101 Thunderbird/68.8.0
In-Reply-To <CA+nkc8DifnYuaXJeMN_zfBPedZLyudA=gaWNsvoEFg6tkYmFxg@mail.gmail.com>
X-Spam-Status No, score=-2.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,GPG_SIGNED,RCVD_IN_DNSWL_NONE, SPF_HELO_PASS,SPF_PASS autolearn=disabled version=3.4.2
X-Spam-Checker-Version SpamAssassin 3.4.2 (2018-09-13) on mx.pao1.isc.org
X-BeenThere bind-users@lists.isc.org
X-Mailman-Version 2.1.29
Precedence list
List-Id BIND Users Mailing List <bind-users.lists.isc.org>
List-Unsubscribe <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe>
List-Archive <https://lists.isc.org/pipermail/bind-users/>
List-Post <mailto:bind-users@lists.isc.org>
List-Help <mailto:bind-users-request@lists.isc.org?subject=help>
List-Subscribe <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe>
X-Mailman-Original-Message-ID <986e9f10-57c7-0f4f-4970-29b2055030c4@tnetconsulting.net>
X-Mailman-Original-References <CACRkVfbZyNWdVh_1mDtn574tVTN9d2xX3h2YZ8Y7b2chKiZeGQ@mail.gmail.com> <CA+nkc8A0=QAgcq_TFaAPV0Amp7VaoA9SCgEUVpCHfXzz_Ey+CA@mail.gmail.com> <CACRkVfb1xQv5Ln2Jq0NwGhzBa85RgT19yAZ=EQysQsi=t1YQ1w@mail.gmail.com> <CA+nkc8DifnYuaXJeMN_zfBPedZLyudA=gaWNsvoEFg6tkYmFxg@mail.gmail.com>
Xref csiph.com comp.protocols.dns.bind:15749

Show key headers only | View raw

[Multipart message — attachments visible in raw view] - view raw

On 5/13/20 6:29 AM, Bob Harold wrote:
> Your ACL looks right.  I think Ben has the key - Windows uses GSS-TSIG, 
> not regular TSIG.  Not sure how or if that can be solved.

I would bet someone a coffee and doughnut that it can.

Check out Jan-Piet Mens' article:

Link - RFC 2136 Dynamic DNS Updates using GSS-TSIG and Kerberos
  - 
https://jpmens.net/2012/06/29/dynamic-dns-updates-using-gss-tsig-and-kerberos/



-- 
Grant. . . .
unix || die

Back to comp.protocols.dns.bind | Previous | Next | Find similar

Thread

Re: TSIG DDNS and windows clients Grant Taylor <gtaylor@tnetconsulting.net> - 2020-05-13 13:49 -0600

csiph-web