Reply

AD-DC updating DNS Records in Infoblox

New Member
Posts: 2
1941     0

Hello there

 

I am currently setting up a testlab and would like to migrate from Windows DNS to Infoblox. I set up GSS-TSIG acording to this article: Accepting GSS-TSIG-Authenticated Updates - Infoblox NIOS 9.0 - Infoblox Documentation Portal

But I am at a loss here. When I try to update the records from a AD-joint Client with: ipconfig /registerdns  I can see via Wireshark and in the Infoblox Syslog, that something isnt working there.

I want that the Clients update their DNS records on the Infoblox DNS.

 

Infoblox Syslog

Unbenannt.PNG

 

Wireshark capture on Client after "ipconfig /registerdns"

registerDNS.pcapng_2023-11-24_17-24-53.png

 

Any help would be much appreciated!

Re: AD-DC updating DNS Records in Infoblox

Moderator
Moderator
Posts: 315
1942     0

Just a guess, but it looks like the enctyption types don't match.  All the encryption types need to match, between
1) what gets generated with the ktpass command
2) what gets imported to Infoblox
3) what is supported and enbabled on the Windows clients (including the domain controller)

Re: AD-DC updating DNS Records in Infoblox

New Member
Posts: 2
1942     0

Thank you for the reply! I managed to get it working, I put the IP of the DC in the ACL of the Grid DNS properties.

It does seem that the keytab file is working, when I disable GSS-TSIG updates in the Update Tab of the DNS Grid properties. It won't work. So I think that the ACL entry was needed.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You