Reply
Accepted Solution

How to secure Windows Dynamic Updates

markb81
Techie
Posts: 2
4519     0

Hi,

 

We implemented Infoblox requiring GSS-TSIG. We only have Windows clients that support it.

When a client performs a dynamic registration we see the following pattern:

 

- Normal DNS update -> fail -> error in infoblox named syslogging

- Client authenticates using TSIG

- Client performing authenticated update -> succeed

 

This happens all the time which gives a very clouded ERROR log in syslogging.

 

How can we force Windows servers to perform TSIG only, or at least try it first before falling back to normal DNS registration?

Re: How to secure Windows Dynamic Updates

markb81
Techie
Posts: 2
4520     0

Solved my own problem. Found a GPO to configure it:

 

Computer Configuration > Administrative Templates > Network > DNS Client

 

Name: Update security level
Set to: Only Secure

Re: How to secure Windows Dynamic Updates

jeffkdanies
Not applicable
Posts: 1
4520     0

Can anyone here help me with the error your windows will expire soon? I am getting this error again and again.

Showing results for 
Search instead for 
Do you mean 

Recommended for You