For When You Can't Have The Real Thing
[ start | index | login ]
start > Windows > Server 2003 > nsupdate from linux

nsupdate from linux

Created by dave. Last edited by dave, 9 years and 159 days ago. Viewed 3,758 times. #6
[diff] [history] [edit] [rdf]
labels
attachments
(2013-03-19)

Problem

Batch update of Windows 2003-hosted DNS server

Solution

First change the DNS zone configuration to permit insecure updates

  • Start the DNS manager
  • Select the zone in question, right-click, properties
  • General tab
  • Change the Dynamic Updates field to "Nonsecure and secure"
Generate a batch file with your updates:
server 10.8.0.41
update delete wwxx.ad.myzone.internal. A 192.168.1.99
send
answer
server 10.8.0.41
prereq nxdomain qawand02.ad.myzone.internal.
update add qawand02.ad.myzone.internal. 1800 A 192.168.10.58
send
answer
server 10.8.0.41
prereq nxdomain 58.10.168.192.in-addr.arpa.
update add 58.10.168.192.in-addr.arpa 1800 PTR qawand02.ad.myzone.local.
send
answer

The prereq stanza says "don't create this record if it already exists".

Notes:

  • The prereq stanza says "don't create this record if it already exists".
  • I find I have to do a 'server' and 'send' command after each update command or an internal limit gets overflowed easily. (Update: if you say nsupdate -v $FILE instead, the connection is done over TCP instead of UDP and the limit doesn't apply.)
  • You have to specify the entire record to be removed including data, since DNS does permit you to have multiple records with the same lookup value.
  • Trailing dots matter on domain names.
Then run the nsupdate command with the file listing your changes:
$ nsupdate -v $FILE

You probably want to change the Secure Updates value back to whatever you found it as after your batch update unless you intend to do this regularly. But be aware that anyone with nsupdate can make changes to your DNS if you leave it as insecure update.

That's really all there is.

no comments | post comment
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful:


snipsnap.org | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt