mirror of
https://github.com/StackExchange/dnscontrol.git
synced 2024-05-11 05:55:12 +00:00
Patrick G
committed by
Tom Limoncelli
Tom Limoncelli
parent
efe302a957
commit
e2ed50a136
@ -5,28 +5,19 @@ jsId: ACTIVEDIRECTORY_PS
|
||||
title: ActiveDirectory_PS Provider
|
||||
---
|
||||
# ActiveDirectory_PS Provider
|
||||
|
||||
This provider updates an Microsoft ActiceDirectory server DNS server. It interacts
|
||||
with AD via PowerShell commands that are generated and executed on the local machine.
|
||||
This means that DNSControl must be run on a Windows host.
|
||||
This driver automatically deactivates itself when run on non-Windows systems.
|
||||
This provider updates an Microsoft ActiceDirectory server DNS server. It interacts with AD via PowerShell commands that are generated and executed on the local machine. This means that DNSControl must be run on a Windows host. This driver automatically deactivates itself when run on non-Windows systems.
|
||||
|
||||
# Running on Non-Windows systems
|
||||
For debugging and testing on non-Windows systems, a "fake PowerShell" mode can be used, which will activate the driver and simulate PowerShell as follows:
|
||||
|
||||
For debugging and testing on non-Windows systems,
|
||||
a "fake PowerShell" mode can be used, which will activate the driver and
|
||||
simulate PowerShell as follows:
|
||||
|
||||
* Zone Input: Normally when DNSControl needs to know the contents of an existing DNS zone, it generates a PowerShell command to gather such information and saves a copy in a file called `adzonedump.ZONE.json` (where "ZONE" is replaced with the zone name). When "fake PowerShell" mode is enabled, the PowerShell command is not run, but the `adzonedump.ZONE.json` file is read. You must generate this file ahead of time (often on a different machine, one that runs PowerShell).
|
||||
* Zone Changes: Normally when DNSControl needs to change DNS records, it executes PowerShell commands as required. When "fake PowerShell" mode is enabled, these commands are simply logged to a file `dns_update_commands.ps1` and the system assumes they executed.
|
||||
- **Zone Input**: Normally when DNSControl needs to know the contents of an existing DNS zone, it generates a PowerShell command to gather such information and saves a copy in a file called `adzonedump.ZONE.json` (where "ZONE" is replaced with the zone name). When "fake PowerShell" mode is enabled, the PowerShell command is not run, but the `adzonedump.ZONE.json` file is read. You must generate this file ahead of time (often on a different machine, one that runs PowerShell).
|
||||
- **Zone Changes**: Normally when DNSControl needs to change DNS records, it executes PowerShell commands as required. When "fake PowerShell" mode is enabled, these commands are simply logged to a file `dns_update_commands.ps1` and the system assumes they executed.
|
||||
|
||||
To activate this mode, set `"fakeps":"true"` inside your credentials file for the provider.
|
||||
|
||||
## Configuration
|
||||
|
||||
The `ActiveDirectory_PS` provider reads an `ADServer` setting from
|
||||
`creds.json` to know the name of the ActiceDirectory DNS Server to
|
||||
update. creds.json:
|
||||
The `ActiveDirectory_PS` provider reads an `ADServer` setting from`creds.json` to know the name of the ActiceDirectory DNS Server to update.
|
||||
|
||||
{% highlight javascript %}
|
||||
{
|
||||
@ -36,7 +27,9 @@ update. creds.json:
|
||||
}
|
||||
{% endhighlight %}
|
||||
|
||||
If you want to modify the "fake powershell" mode details, you can set them in the credentials file like so:
|
||||
|
||||
If you want to modify the "fake powershell" mode details, you can set them in the credentials file:
|
||||
|
||||
{% highlight javascript %}
|
||||
{
|
||||
"activedir": {
|
||||
@ -48,7 +41,8 @@ If you want to modify the "fake powershell" mode details, you can set them in th
|
||||
}
|
||||
{% endhighlight %}
|
||||
|
||||
Here is a simple dns configuration. dnsconfig.js:
|
||||
|
||||
An example DNS configuration:
|
||||
|
||||
{% highlight javascript %}
|
||||
var REG_NONE = NewRegistrar('none', 'NONE')
|
||||
@ -59,13 +53,9 @@ D('example.tld', REG_NONE, DnsProvider(ACTIVEDIRECTORY),
|
||||
)
|
||||
{% endhighlight %}
|
||||
|
||||
To generate a `adzonedump.ZONE.json` file, run `dnscontrol preview`
|
||||
on a Windows system then copy the appropriate file to the system
|
||||
you'll use in "fake powershell" mode.
|
||||
To generate a `adzonedump.ZONE.json` file, run `dnscontrol preview` on a Windows system then copy the appropriate file to the system you'll use in "fake powershell" mode.
|
||||
|
||||
The `adzonedump.ZONE.json` files should be UTF-16LE encoded. If you
|
||||
hand-craft such a file on a non-Windows system, you may need to
|
||||
convert it from UTF-8 to UTF-16LE using:
|
||||
The `adzonedump.ZONE.json` files should be UTF-16LE encoded. If you hand-craft such a file on a non-Windows system, you may need to convert it from UTF-8 to UTF-16LE using:
|
||||
|
||||
iconv -f UTF8 -t UTF-16LE <adzonedump.FOO.json.utf0 > adzonedump.FOO.json
|
||||
|
||||
|
||||
Reference in New Issue
Block a user