Hello Roger,
I prepared updated packages for bionic and uploaded them to this PPA: https://launchpad.net/~ahasenack/+archive/ubuntu/bind9-nsupdate-gssapi-windows-1755439/
Would you be able to do a quick test with them? I don't have a windows AD server setup at the moment.
I did a simple nsupdate -g validation with localhost: ubuntu@bionic-bind9-nsupdate:~$ kinit Password for ubuntu@LXD:
ubuntu@bionic-bind9-nsupdate:~$ nsupdate -g > server 127.0.0.1 > update add xenial.lxd. 120 TXT "Goodbye from kerberos" > send
ubuntu@bionic-bind9-nsupdate:~$ dig @127.0.0.1 -t txt xenial.lxd +short "Goodbye from kerberos"
ubuntu@bionic-bind9-nsupdate:~$ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: ubuntu@LXD
Valid starting Expires Service principal 03/14/18 15:02:21 03/15/18 01:02:21 krbtgt/LXD@LXD renew until 03/15/18 15:02:20 03/14/18 15:02:45 03/15/18 01:02:21 DNS/lxd@LXD renew until 03/15/18 15:02:20
Hello Roger,
I prepared updated packages for bionic and uploaded them to this PPA: https:/ /launchpad. net/~ahasenack/ +archive/ ubuntu/ bind9-nsupdate- gssapi- windows- 1755439/
Would you be able to do a quick test with them? I don't have a windows AD server setup at the moment.
I did a simple nsupdate -g validation with localhost: bionic- bind9-nsupdate: ~$ kinit
ubuntu@
Password for ubuntu@LXD:
ubuntu@ bionic- bind9-nsupdate: ~$ nsupdate -g
> server 127.0.0.1
> update add xenial.lxd. 120 TXT "Goodbye from kerberos"
> send
ubuntu@ bionic- bind9-nsupdate: ~$ dig @127.0.0.1 -t txt xenial.lxd +short
"Goodbye from kerberos"
ubuntu@ bionic- bind9-nsupdate: ~$ klist krb5cc_ 1000
Ticket cache: FILE:/tmp/
Default principal: ubuntu@LXD
Valid starting Expires Service principal
03/14/18 15:02:21 03/15/18 01:02:21 krbtgt/LXD@LXD
renew until 03/15/18 15:02:20
03/14/18 15:02:45 03/15/18 01:02:21 DNS/lxd@LXD
renew until 03/15/18 15:02:20