This post explains how to restrict automatic NS resource record registration in Windows Server DNS using
Dnscmd. This prevents Windows Server DNS to automatically create NS records for zones that it hosts on the server.
This registry key restricts the DNS server to create name server resource records (NS records) automatically while loading it’s DNS zones. By default the name server automates the creation of name server resource records upon loading its zones.
If the registry value is set to 1, the DNS server is restricted from registering NS resource records for authoritative zones. Also existing Name server (NS) records for the authoritative zones that are located on the DNS server are deleted automatically.
To enable DisableNSRecordsAutoCreation on the command line use the following command:
Dnscmd /config /DisableNSRecordsAutoCreation 1
Protip: enabling this DisableNSRecordsAutoCreation setting disables the auto creation of NS records zones that it hosts.
When you just want to know the current status of the setting, run:
Dnscmd /info /DisableNSRecordsAutoCreation
And you can always disable it:
Dnscmd /config /DisableNSRecordsAutoCreation 0
My name is Jan. I am not a hacker, coder, developer or guru. I am merely a systems administrator, doing my daily thing at Vevida.
If you feel a post has helped solve your problem, or has saved you time, please consider making a donation. You can transfer a direct donation through Paypal or via bank wire-transfer IBAN: NL31 ABNA 0432217258 (Jan Reilink). Thanks!