Allow NS record creation for specific domain controllers
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To allow NS resource record creation for specific domain controllers
Open Command Prompt.
Important
- This procedure applies to domain controller name server (NS) resource records in Active Directory-integrated DNS zones that are hosted on DNS servers configured to not add these resource records for their authoritative zones. For more information, see Related Topics.
Type:
dnscmdServerName /Config ZoneName /AllowNSRecordsAutoCreation IpAddresses...
Value Description dnscmd
Specifies the name of the command-line program.
ServerName
Required. Specifies the DNS host name of the DNS server. You can also type the IP address of the DNS server. To specify the DNS server on the local computer, you can also type a period (.).
/Config
Required. Specifies the configuration command.
ZoneName
Required. Specifies the fully qualified domain name (FQDN) of the zone.
/AllowNSRecordsAutoCreation
Required. Specifies that domain controllers entered for Value will add their names to NS resource records for the zone specified in ZoneName. NS resource records that were previously registered for this zone are not affected. Therefore, you must remove them manually if you do not want them.
IpAddresses...
Required. Specifies the IP addresses of the domain controllers that will add their names in NS resource records for the zone specified in ZoneName. Type a space-separated list of the IP addresses of the DNS servers. For example, 10.0.0.0 172.16.0.0 192.168.0.0.
Additional considerations
To perform this procedure, you must be a member of the DnsAdmins or the Domain Admins group in Active Directory. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.
To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command prompt.
This procedure requires the Dnscmd Windows support tool. For information about installing Windows support tools, see Related Topics.
To view the complete syntax for this command, at a command prompt, type:
dnscmd /Config /?
If any domain controllers in the specified zone are not listed for IpAddresses..., their names will be deleted from the NS resource records for the zone specified in ZoneName.
To specify that all domain controllers are allowed to add their names to NS resource records for the zone, or to clear the list of allowed DNS server IP addresses, type the command and omit IpAddresses...:
dnscmdServerName**/ConfigZoneName/AllowNSRecordsAutoCreation**
Regardless of the settings above, query responses sent to DNS clients from authoritative DNS servers and selected domain controllers will indicate that the responses are from authoritative DNS servers.
Formatting legend
Format | Meaning |
---|---|
Italic |
Information that the user must supply |
Bold |
Elements that the user must type exactly as shown |
Ellipsis (...) |
Parameter that can be repeated several times in a command line |
Between brackets ([]) |
Optional items |
Between braces ({}); choices separated by pipe (|). Example: {even|odd} |
Set of choices from which the user must choose only one |
Courier font |
Code or program output |
Information about functional differences
- Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.