DNS forward and reverse lookup zones accept secure dynamic updates only.
Archived from groups: microsoft.public.win2000(More info? )Hello, I amlooking for any suggestions with using Windows DNS and QIP.
I am set with forward lookup zones and having my enterprise QIP DNS as a secondary to the Windows DNS.
I will show you how to do that using simple scripts based on: Windows DNScmd command is by default available on Windows Server 2008/2008R2 server where DNS role has been installed.
To use it on Windows Server 2003, you need to install Support Tools from server’s CD#1 blog who is REAL genius in DNS topic.
The IPv4-only script and setup information is available from ISC DHCPd: Dynamic DNS updates against secure Microsoft DNS There is an alternative script that supports IPv4 and IPv6, but using the same premise as the above script is available at
The basic crux of the issue is that MS DNS uses Kerberos for authentication to update DNS records, while ISC DHCP, out of the box, supports TSIG [for BIND].The first stage to provide name resolution is to deploy the DNS server role on Windows Server 2016 server computers.Although IP addressing is not especially complex, it is easier for users to work with host names rather than with the IPv4 or IPv6 addresses of hosts, such as websites, to which they want to connect.We use QIP as the enterprise DNS because we have alot of UNIX servers and workstations. I'm attempting to replace Windows Server DHCP with ISC DHCP.The configuration file is below, but what I've noted when using ISC DHCP is that non-domain joined clients will not have an A record registered for them in forward/reverse lookup zones.