Sunday, February 1, 2009

AllowUpdate Registry key

This registry key determines whether zone is allowed to accepts dynamic update requests.

Key Name: Allow Update
Type: REG DWORD (Boolean)
Default: NoKey (Do automatic cache updates) zero for normal dns server, 2 for Active Directory Integrated Services.
Functionality: Determine whether server attempts to update cache entries using data from root servers

Location:"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNSServer\Zones"

if reg key value is 0, Then the dns zone does not accept dynamic update requests.
if reg key is 1, Then the dns zone accepts dynamic update requests.
if reg key is 2, then then zone accepts only secure dynamic update requests(this option available only for zones that are integrated with Active Directory).

To change the value of the key say 1, do

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNSServer\Zones" /v AllowUpdate /t reg_dword /d 1 /f

Note: 1. This reg key applies only on primary zones in dns
2. Direct changes to registry key will be effective only after restarting the dns server.
3. Dns server reads this registry entry during start up only, to update this key dynacmically usn dns manager snapin (dnsmgmt.msc).


Design by infinityskins.blogspot