U
Ulrik
Yesterday:
Windows 2003 DNS (dynamic dns, only secure updates allowed)
Windows 2000 DHCP
Today:
Windows 2003 DNS (dynamic dns, unsecure and secure updates are allowed)
Cisco CNR DHCP
Yesterday we had a MS 2000 DHCP server that registered secure dynamic DNS
records for the clients (mostly Windows 2000 clients).
Today we have switched over to use a third part DHCP (political decision),
Cisco CNR, and the clients will register them self (if the client can do
that, if not the DHCP server will register the client).
Before the MS DHCP registered the records with secure updates in dns.
(When looking at a client a-recorde security the DHCP server was added in
the permisson list and had the right to 'write')
The strange thing is that after switching over to Cisco DHCP, clients can
update their records even if the MS DHCP server is the owner (the server is
added in the permisson list and have the right to 'write').
Ques1: How can this happen? The client schould not be able to modify this
record, if I'm not totaly wrong...
Also, the record created when the client make a registration after getting a
ip from Cisco CNR is not a secure update and does not add the client
computer in the permission list (it register with an unsecure dns record).
Ques2: Why does the client not register with a secure record?
Regards
Ulrik
Windows 2003 DNS (dynamic dns, only secure updates allowed)
Windows 2000 DHCP
Today:
Windows 2003 DNS (dynamic dns, unsecure and secure updates are allowed)
Cisco CNR DHCP
Yesterday we had a MS 2000 DHCP server that registered secure dynamic DNS
records for the clients (mostly Windows 2000 clients).
Today we have switched over to use a third part DHCP (political decision),
Cisco CNR, and the clients will register them self (if the client can do
that, if not the DHCP server will register the client).
Before the MS DHCP registered the records with secure updates in dns.
(When looking at a client a-recorde security the DHCP server was added in
the permisson list and had the right to 'write')
The strange thing is that after switching over to Cisco DHCP, clients can
update their records even if the MS DHCP server is the owner (the server is
added in the permisson list and have the right to 'write').
Ques1: How can this happen? The client schould not be able to modify this
record, if I'm not totaly wrong...
Also, the record created when the client make a registration after getting a
ip from Cisco CNR is not a secure update and does not add the client
computer in the permission list (it register with an unsecure dns record).
Ques2: Why does the client not register with a secure record?
Regards
Ulrik