If you are interested to make Bind9 accept DDNS request directly from Windows workstation (XP, Vista, Seven) or server (2003, 2008, ...) the way proceed is not much different from this one. So reading the howto of Samba4 about DDNS is a good starting point.

The only difference is that by default you do not have an access to the DNS keytab. Hopefully this email give all the needed informations, you need to:

  1. Create a user into your active directory, I suggest bind9 as the login name and also as first name and make the password not to expire (Password never expire)
  2. Modify the /etc/bind/named.conf.option so that the entry tkey-gssapi-credential contains "DNS/bind9.example.org";
  3. Use ktpass to extract the credentials as a keytab:
ktpass -out dns.keytab -princ DNS/bind9.example.org@EXAMPLE.ORG -pass * -mapuser bind@example.org

Of course you should adapt example.org and EXAMPLE.ORG to the name of your AD realm ...