Ubuntu
bind9 package

  1. Bug #1755439
  2. Comment #2

Comment 2 for bug 1755439

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Hello Roger,

I prepared updated packages for bionic and uploaded them to this PPA: https://launchpad.net/~ahasenack/+archive/ubuntu/bind9-nsupdate-gssapi-windows-1755439/

Would you be able to do a quick test with them? I don't have a windows AD server setup at the moment.

I did a simple nsupdate -g validation with localhost:
ubuntu@bionic-bind9-nsupdate:~$ kinit
Password for ubuntu@LXD:

ubuntu@bionic-bind9-nsupdate:~$ nsupdate -g
> server 127.0.0.1
> update add xenial.lxd. 120 TXT "Goodbye from kerberos"
> send

ubuntu@bionic-bind9-nsupdate:~$ dig @127.0.0.1 -t txt xenial.lxd +short
"Goodbye from kerberos"

ubuntu@bionic-bind9-nsupdate:~$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: ubuntu@LXD

Valid starting Expires Service principal
03/14/18 15:02:21 03/15/18 01:02:21 krbtgt/LXD@LXD
        renew until 03/15/18 15:02:20
03/14/18 15:02:45 03/15/18 01:02:21 DNS/lxd@LXD
        renew until 03/15/18 15:02:20