RHEL6, Active Directory and Dynamic DNS

I have a scripted Active Directory configuration, using Winbind, Samba and SSSD, then running adcli and net join commands, which allows me to use AD for user authentication.

Registering a Red Hat box also results in a Dynamic DNS entry being created in the Wintel infrastructure, which is all good, too.

However, the Dynamic DNS entry expires after 14 days ("DNS Scavenging", they seem to call it in the Wintel world). I would have assumed that winbindd would send the same DNS updates that a Wintel client does, but it seems not.

I have found the nsupdate tool (and the -g switch to it), but can't find how to send the correct authentication details with it - what does anybody here do with RHEL6 and Active Directory?