Secured dynamic DNS updates with SAMBA4

ISC DHCPd is capable of sending dynamic dns updates against servers like BIND using shared-key authentication or or completely unauthenticated (e.g. BIND or Microsoft DNS with secure updates disabled). As SAMBA4 is a great alternative for Microsoft AD, i’d like to perform secured dynamic DNS updates against it using GSS/TSIG. UPDATE 2018-01-07 I’m now using the scripts from Arch Linux samba-dhcpd-update package, for more info see the wiki UPDATE 2016-02-17 Added info about ACLs for BIND UPDATE 2016-02-16 Read more