I've been unsuccessful at finding a guide on how to integrate just ISC DHCP into an AD DNS environment.
Configure the above script for your domain/DNS servers.
Add the parameters necessary to execute the script on the 'on commit', 'on release', 'on expiry' triggers in your
If using the IPv4/IPv6 script, the 'execute' lines will need to be adjusted: on commit: Lastly, notate if you're using MIT Kerberos or heimdal.
I'm attempting to replace Windows Server DHCP with ISC DHCP.
In order to do so, I need to be able to facilitate updating DNS records from clients that do and do not support dynamic DNS record registration.
Active Directory/DNS is running on Server 2012 R2 in 2012 R2 forest/domain functional levels.DNS forward and reverse lookup zones accept secure dynamic updates only.The basic crux of the issue is that MS DNS uses Kerberos for authentication to update DNS records, while ISC DHCP, out of the box, supports TSIG [for BIND].The scripts above are rather lengthy, so I won't post them here, but the basic steps are: Generate a keytab using ktutil.This is for an Domain User who is a member of the "Dns Update Proxy" in Active Directory.You should be able to do this on Windows or Linux (but the keytab must be copied to the server running ISC DHCP).