Hello Rob,

Am 06.01.2020 um 19:59 schrieb Rob Berendt <rob@xxxxxxxxx>:

Ok, how do I get "authorized"? I didn't see a userid/password keyword.
[…]
I assume that it has something to do with generating a keyfile but I have no clue on how to go about doing that.

nsupdate authorizes via Key File, as Larry pointed out. Generating is described in a multitude of locations, but I'm not sure if this is a BIND proprietary extension.

Generally in Windows, for any zone you can define how to dynamically update the zone. None, secure and secure + insecure. Maybe if you try to set that to insecure as a workaround until a better solution is found, can help? So you can use rndc without keys and other auth methods.

http://www.hexblot.com/blog/managing-windows-server-dns-records-linux-commandline

It seems that secure updates are only possible with integration of the OS as Domain Member:

https://blogs.technet.microsoft.com/jeffbutte/2016/12/18/265/

I'm sure tat IBM i doesn't has this feature.

What would I do? I'd ask the tech guys to install an ssh server on windows and log in to there with proper keys to call dnscmd directly over this session.

ssh Administrator@Servername "dnscmd record add blah"

So no need to do anything fancy with nsupdate or a local dnscmd (which doesn't help because here too, Authentication will fail).

:wq! PoC

PGP-Key: DDD3 4ABF 6413 38DE - https://www.pocnet.net/poc-key.asc



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.