Solved

Change all dynamic update in DNS Server

Posted on 2011-02-23
4
952 Views
Last Modified: 2012-05-11
Dear All,

I have around 173 revers lookup zone in my DNS and I want to configure all of them for a dynamic update to be secure, I try the following command:

Dnscmd ServerName /Config {AllZones} /AllowUpdate 2
I got the following error:

DNS Server failed to reset registry property.
    Status = 9601 (0x00002581)
Command failed:  DNS_ERROR_ZONE_DOES_NOT_EXIST     9601    0x2581

I need help to apply the settings in all DNS lookup zone.

I have DNS installed on windows 2008 R2

Thanks
0
Comment
Question by:Arabsoft_Security
  • 3
4 Comments
 
LVL 11

Expert Comment

by:Kruno Džoić
ID: 34959378
Windows Server 2008–based DNS clients try to use nonsecure dynamic updates first. If the nonsecure update is refused, clients try to use a secure update.

Also, clients use a default update policy that lets them to try to overwrite a previously registered resource record, unless they are specifically blocked by update security.

By default, after a zone becomes Active Directory-integrated, Windows Server 2008–based DNS servers enable only secure dynamic updates.
0
 
LVL 11

Expert Comment

by:Kruno Džoić
ID: 34959413
or if you dont have AD-integrated zone, read this link
http://technet.microsoft.com/en-us/library/cc753751.aspx
0
 
LVL 11

Expert Comment

by:Kruno Džoić
ID: 34959435
0
 
LVL 11

Accepted Solution

by:
Tasmant earned 500 total points
ID: 34959952
you can use the following command to retrieve all the reverse zones names:
dnscmd /enumzones /reverse
then, for each zone, you can run the command
dnscmd /config 10.10.in-addr.arpa /allowupdate 2
My reverse lookup zone was 10.10 here.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question