• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1096
  • Last Modified:

Change all dynamic update in DNS Server

Dear All,

I have around 173 revers lookup zone in my DNS and I want to configure all of them for a dynamic update to be secure, I try the following command:

Dnscmd ServerName /Config {AllZones} /AllowUpdate 2
I got the following error:

DNS Server failed to reset registry property.
    Status = 9601 (0x00002581)
Command failed:  DNS_ERROR_ZONE_DOES_NOT_EXIST     9601    0x2581

I need help to apply the settings in all DNS lookup zone.

I have DNS installed on windows 2008 R2

Thanks
0
Arabsoft_Security
Asked:
Arabsoft_Security
  • 3
1 Solution
 
Kruno DžoićSystem EngineerCommented:
Windows Server 2008–based DNS clients try to use nonsecure dynamic updates first. If the nonsecure update is refused, clients try to use a secure update.

Also, clients use a default update policy that lets them to try to overwrite a previously registered resource record, unless they are specifically blocked by update security.

By default, after a zone becomes Active Directory-integrated, Windows Server 2008–based DNS servers enable only secure dynamic updates.
0
 
Kruno DžoićSystem EngineerCommented:
or if you dont have AD-integrated zone, read this link
http://technet.microsoft.com/en-us/library/cc753751.aspx
0
 
TasmantCommented:
you can use the following command to retrieve all the reverse zones names:
dnscmd /enumzones /reverse
then, for each zone, you can run the command
dnscmd /config 10.10.in-addr.arpa /allowupdate 2
My reverse lookup zone was 10.10 here.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now