Mark Minasi's Reader Forum
Mark Minasi's Reader Forum
Home | Profile | Register | Active Topics | Active Polls | Members | Search | FAQ | Minasi Forum RSS Feed
 All Forums
 HALP! Questions on NT 4, 2000, XP, 2003
 Windows Server 2003
 DNS: Secure Dynamic Update - Own domain only?		  New Topic  Reply to Topic
 Printer Friendly
Author  Topic Next Topic  

Jazzster
Here To Stay

167 Posts
Status: offline
Posted - 12/11/2007 :  08:37:48 AM  Show Profile  Reply with Quote
I have reason to suspect that if you choose "Secure Only" for dynamic updates in properties for DNS zone, it gives that while computers in own domain (the AD domain corresponding to the DNS zone name, here root domain) can register records, computers in subdomains cannot. If I change to "Secure and Non-Secure", computers in subdomains can.

This is unexpected, if true, since all computers in root domain and subdomains should be members of the Authenticated Users group (despite its name), which have "Create all child objects" (i.e. A records) permissions on the zone.
Edited by - Jazzster on 12/11/2007 08:49:34 AM

wkasdo
Moderator

Netherlands
4235 Posts
Status: offline
Posted - 12/11/2007 :  09:14:55 AM  Show Profile  Click to see wkasdo's MSN Messenger address  Reply with Quote
It may be more subtle. A DNS Secure update requires Kerberos, which may be failing.
Go to Top of Page
   Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Mark Minasi's Reader Forum © 2002-2007 Mark Minasi Go To Top Of Page
This page was generated in 0.09 seconds. Snitz Forums 2000