Secure Dynamic DNS updates to Windows DNS
-
Wonder if somebody managed to setup Dynamic DNS updates through RFC 2136 on Windows Server DNS. All the information and a great pinned article here pointing how to do that for BIND but Microsoft is using something called GSS-TSIG. Basically a mechanism to get key from Kerberos server. And I didn't find any way to get static TSIG key.
Unsecure updates work fine, however page complains that TSIG is required, guess it can be anything, maybe need to be fixed on pFsense. Some articles on the net describes the process generating and using keytab but not sure if that is possible use to authenticate on pFsense.
Thank you,
K.