@mbrownnycnyc
Created May 24, 2013 15:41
Script for use with `nsupdate` to update Linux client DNS on a DNS server. In this instance, I am targeting a Windows Server DNS server 2003/2008/2012+. I have manually created the PTR and A records once, and granted the Everyone ACE the "Write" permission in the DACL of the PTR and A records.
#!/bin/sh
#original from http://community.spiceworks.com/topic/262635-linux-does-not-register-on-the-windows-ad-dns
# reply of Phil6196 Oct 1, 2012 at 12:41 AM (EDT)
ADDR=`/sbin/ifconfig eth0 | grep 'inet addr' | awk '{print $2}' | sed -e s/.*://`
HOST=`hostname`
echo "update delete $HOST A" > /var/nsupdate.txt
echo "update add $HOST 86400 A $ADDR" >> /var/nsupdate.txt
echo "update delete $HOST PTR" > /var/nsupdate.txt
echo "update add $HOST 86400 PTR $ADDR" >> /var/nsupdate.txt
nsupdate /var/nsupdate.txt

ghost commented Jan 30, 2014

Saw this linked from a spiceworks question. Line #8 should be an append >>

(or there should be an extra nsupdate before line #8)

@dtatay

dtatay commented Jan 21, 2015

Awesome. Thanks.

@Illydth

Illydth commented Nov 4, 2015

Still incorrect. The "PTR" example is wrong. In most cases, if the IP address allocated is 1.2.3.4 and your system name is system.domain.net, your PTR record would look like:

update add 4.3.2.1.in-addr.arpa 86400 PTR system.domain.net

What you have above for PTR record entry won't get you a reverse lookup I don't think.

@gstanden

First, thanks to mbrownnycnyc for this post; it was really helpful for me as a starting point.

Second, I know this thread is stale by a couple of years, but still, as this thread was my starting point, I'd like to add that there is another format for running an nsupdate script as shown below.

The scripting did not work for me until I reformatted it as shown below. The IP addresses are obfuscated, obviously. I've shown commands for adding records instead of deleting records just to add some additional usefulness to the thread, but the format is the same whether adding or deleting, obviously.

The main thing to note is that in this format we're using a different technique by echoing the commands and piping them to nsupdate as shown below, and also note that I'm using an rndc.key file here instead of a dnssec key file.

HTH Gil

Begin Example

echo "server 10.207.39.2
update add $HOST.urdomain1.com 3600 IN A xxx.xxx.xxx.xxx
send
update add xxx.xxx.xxx.xxx.in-addr.arpa 3600 IN PTR $HOST.urdomain1.com
send
quit
" | nsupdate -k /etc/bind/rndc.key

End Example

@leifnel

leifnel commented Jan 20, 2018

@gstanden, still wrong.

The reverse record has the octets in reverse order

echo "server 10.207.39.2
update add $HOST.urdomain1.com 3600 IN A a.b.c.d
send
update add d.c.b.a.in-addr.arpa 3600 IN PTR $HOST.urdomain1.com
send
quit
" | nsupdate -k /etc/bind/rndc.key

@barrymw

barrymw commented May 31, 2021

Thought I would provide an update for my own sanity:

# ip=1.2.3.4
# arpa=$(ruby -ripaddr -e 'puts "#{IPAddr.new(ARGV[0]).reverse}."' $ip)
# echo $arpa
4.3.2.1.in-addr.arpa.
# fqdn=bar.urdomain1.com.
# echo "server 10.207.39.2
update add $fqdn 3600 IN A $ip
send
update add $arpa 3600 IN PTR $fqdn
send
quit
" | nsupdate -k /etc/bind/rndc.key

@spoelstraethan

spoelstraethan commented Apr 26, 2022

I'm loving this Unix-y version without needing a temporary file that can check your domain (if machine is domain joined) and update the domain's DNS server ad hoc say if your sssd.conf had been missing ad_hostname when you don't use the FQDN as the hostname.

ipaddress=$(hostname -i)
arpa=$(printf 'arpa.in-addr.%s.' "$ipaddress" | tac -s.)
fqdn=$(hostname -f).
mydnsserver=$(nslookup -type=soa $(hostname -d) | grep origin | awk -F'= ' '{print $2}')
echo "server $mydnsserver
update add $fqdn 3600 IN A $ipaddress
send
update add $arpa 3600 IN PTR $fqdn
send
quit
" | nsupdate

Add -d and -D after nsupdate to get a really verbose listing of what it is doing as it updates.

@DeVogelRyan

Hey, I don't know if this is related, but I need nsupdate to be one line for a specific use case. Is this possible?

@barrymw

barrymw commented Jun 14, 2023

> Hey, I don't know if this is related, but I need nsupdate to be one line for a specific use case. Is this possible?

It depends on what you define as 'one line'. The nsupdate commands (update add ...) have to be on separate lines, i.e. they are newline delimited. You could use the printf command to have it as a single line and use '\n' newline character where needed, but it gets ugly:

ipaddress=$(hostname -i); arpa=$(printf 'arpa.in-addr.%s.' "$ipaddress" | tac -s.); fqdn=$(hostname -f).; mydnsserver=$(nslookup -type=soa $(hostname -d) | grep origin | awk -F'= ' '{print $2}'); printf "server $mydnsserver\nupdate add $fqdn 3600 IN A $ipaddress\nsend\nupdate add $arpa 3600 IN PTR $fqdn\nsend\nquit\n" | nsupdate

I haven't tested this btw, but the general structure should work. Remove the | nsupdate to check the syntax.
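
The batch format worked out in the comments above, as an added example that is not part of the gist or of any commenter's post: it validates the address and host name before building the reversed `in-addr.arpa` name, and prints the batch to stdout so no intermediate file is needed. The function names are assumptions of this example; the server, host and address are the sample values used in the thread.

```shell
#!/bin/sh
# Added example: validate inputs, then print an nsupdate batch on stdout.
# Function names are illustrative; sample values are the ones used in the thread.

# Succeeds only for a dotted quad with four octets in 0..255.
valid_ipv4() (
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.; set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Letters, digits, dots and hyphens only, so a name can never carry a
# newline or space that would become an extra line or field in the batch.
valid_fqdn() {
    case $1 in ''|*[!A-Za-z0-9.-]*|.*|-*|*..*) return 1 ;; esac
    [ "${#1}" -le 254 ]
}

# 1.2.3.4 -> 4.3.2.1.in-addr.arpa. (octets reversed, trailing root dot)
ptr_name() (
    valid_ipv4 "$1" || exit 1
    IFS=.; set -- $1
    printf '%s.%s.%s.%s.in-addr.arpa.\n' "$4" "$3" "$2" "$1"
)

# build_batch SERVER FQDN IPV4 [TTL]: prints the batch, or fails printing nothing.
build_batch() {
    server=$1 fqdn=${2%.}. ip=$3 ttl=${4:-3600}
    valid_ipv4 "$ip" && valid_fqdn "$fqdn" || return 1
    case $server in ''|*[!A-Za-z0-9.:-]*) return 1 ;; esac
    case $ttl in *[!0-9]*) return 1 ;; esac
    arpa=$(ptr_name "$ip") || return 1
    printf 'server %s\n' "$server"
    printf 'update delete %s A\nupdate add %s %s IN A %s\nsend\n' \
        "$fqdn" "$fqdn" "$ttl" "$ip"
    printf 'update delete %s PTR\nupdate add %s %s IN PTR %s\nsend\nquit\n' \
        "$arpa" "$arpa" "$ttl" "$fqdn"
}

# Print the batch for the thread's sample values; to apply it, pipe into:
#   nsupdate -k /etc/bind/rndc.key
build_batch 10.207.39.2 bar.urdomain1.com 1.2.3.4
```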
