Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1063
  • Last Modified:

Change all dynamic update in DNS Server

Dear All,

I have around 173 revers lookup zone in my DNS and I want to configure all of them for a dynamic update to be secure, I try the following command:

Dnscmd ServerName /Config {AllZones} /AllowUpdate 2
I got the following error:

DNS Server failed to reset registry property.
    Status = 9601 (0x00002581)
Command failed:  DNS_ERROR_ZONE_DOES_NOT_EXIST     9601    0x2581

I need help to apply the settings in all DNS lookup zone.

I have DNS installed on windows 2008 R2

Thanks
0
Arabsoft_Security
Asked:
Arabsoft_Security
  • 3
1 Solution
 
Kruno DžoićSystem EngineerCommented:
Windows Server 2008–based DNS clients try to use nonsecure dynamic updates first. If the nonsecure update is refused, clients try to use a secure update.

Also, clients use a default update policy that lets them to try to overwrite a previously registered resource record, unless they are specifically blocked by update security.

By default, after a zone becomes Active Directory-integrated, Windows Server 2008–based DNS servers enable only secure dynamic updates.
0
 
Kruno DžoićSystem EngineerCommented:
or if you dont have AD-integrated zone, read this link
http://technet.microsoft.com/en-us/library/cc753751.aspx
0
 
TasmantCommented:
you can use the following command to retrieve all the reverse zones names:
dnscmd /enumzones /reverse
then, for each zone, you can run the command
dnscmd /config 10.10.in-addr.arpa /allowupdate 2
My reverse lookup zone was 10.10 here.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now