DNS-Einträge per DHCP: fehlende Berechtigung
Sorry, dass die Anfrage in Englisch ist, aber falls ich hier keine Antwort bekomme, dann würde ich eben einen Case bei M$ aufmachen. Und mit Englisch ist man dort bekanntermaßen flexibler...
We want to switch our DNS servers to SecureDNS. Firstly because of the security and secondly
we want to use the DNS for our IP address management. If we use unsecured DNS the DNS entries
which were created manually could be overwritten by clients or our DHCP servers.
Before we started to change settings in our productive environment I build up a test
environment. One server acts as DC and DNS and the other server acts as DHCP. We've tested
some different client operating systems and everything worked great. Then we began to prepare
our productive environment for SecureDNS. The current state is as followed:
- We've got lot's of DCs that are working as DNS. They allow "nonsecure and secure" dynamic
updates and they are all "Active Directory-Integrated"
- There's one server (none of the DCs) that acts as DHCP. Configuration:
- Dynamically update DNS A and PTR records only if requested by DHCP clients
- Dynamically update DNS A and PTR records for DHCP clients that do not request
updates (for example, clients running Windows NT 4.0)
- "DNS dynamic updates registration credentials" are set to an extra account for DHCP
Everything works fine except one little important thing: The DNS entries which should be
registered by the DHCP service don't have the correct credentials. The account which should be
used for those entries doesn't have the "general write" access. But in our test environment it
works great.
Are there any other settings which influence this behaviour?
Antworten können natürlich auch auf deutsch sein...
Freundliche Grüße,
Denis Hierholzer
We want to switch our DNS servers to SecureDNS. Firstly because of the security and secondly
we want to use the DNS for our IP address management. If we use unsecured DNS the DNS entries
which were created manually could be overwritten by clients or our DHCP servers.
Before we started to change settings in our productive environment I build up a test
environment. One server acts as DC and DNS and the other server acts as DHCP. We've tested
some different client operating systems and everything worked great. Then we began to prepare
our productive environment for SecureDNS. The current state is as followed:
- We've got lot's of DCs that are working as DNS. They allow "nonsecure and secure" dynamic
updates and they are all "Active Directory-Integrated"
- There's one server (none of the DCs) that acts as DHCP. Configuration:
- Dynamically update DNS A and PTR records only if requested by DHCP clients
- Dynamically update DNS A and PTR records for DHCP clients that do not request
updates (for example, clients running Windows NT 4.0)
- "DNS dynamic updates registration credentials" are set to an extra account for DHCP
Everything works fine except one little important thing: The DNS entries which should be
registered by the DHCP service don't have the correct credentials. The account which should be
used for those entries doesn't have the "general write" access. But in our test environment it
works great.
Are there any other settings which influence this behaviour?
Antworten können natürlich auch auf deutsch sein...
Freundliche Grüße,
Denis Hierholzer
Bitte markiere auch die Kommentare, die zur Lösung des Beitrags beigetragen haben
Content-ID: 38377
Url: https://administrator.de/forum/dns-eintraege-per-dhcp-fehlende-berechtigung-38377.html
Ausgedruckt am: 23.12.2024 um 01:12 Uhr
2 Kommentare
Neuester Kommentar