C# DNSAPI - How to create a DNS Record.

  • Thread starter Thread starter screenbert
  • Start date Start date
S

screenbert

I have a need to create a web-portal that allows certain users to
create DNS A records in a specific domain.

I've looked into using WMI to do this in my C# code, but the DNS server
is on a Domain Controller. In order to use WMI, we would have to allow
the service account to have more permissions than we want to give the
service account, since the target server is a Domain Controller.

I've also looked into using DNSCMD.exe and launching a Shell, but in
order to do this the username and password has to be in our code
unencrypted. Once again a security risk.

The only option I see left is using the DNSAPI from within C#. However
this is where I'm a little lost. I've seen examples on the net where
people have used the DNS_Query function, but no examples of anyone
using the DnsModifyRecordsInSet function. (
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dns/dns/dnsmodifyrecordsinset.asp
)

I know that I have to declare the API in my C# code, and then also the
various types have to be specified. This is where I'm lost. C# doesn't
recognize HANDLE hContext.

Does anyone have any code examples on how to use the
DNSModifyRecordsInSet function from within C#? Any assistance would be
greatly appreciated.

Screenbert
 
Inline

Willy.

|I have a need to create a web-portal that allows certain users to
| create DNS A records in a specific domain.
|
| I've looked into using WMI to do this in my C# code, but the DNS server
| is on a Domain Controller. In order to use WMI, we would have to allow
| the service account to have more permissions than we want to give the
| service account, since the target server is a Domain Controller.
|
You don't need to run the service with elevated privileges, just use
explicit fixed credentials when connecting to the remote (DC) server's
WMI/DNS provider. Your servername and credentials can be encrypted (using
aspnet_regiis.exe) in your web.config file (f.i in connectionStrings). Apply
role based security to only allow certain users to conect to the DNS.

Another option is to move this part of your application in a COM+
(EnterpriseServices) server type application, have this one run with fixed
(elevated credentials (DC admin or DNS server admin) and apply attributed
role based security to restrict access to the DNS to "certain" users only.



| I've also looked into using DNSCMD.exe and launching a Shell, but in
| order to do this the username and password has to be in our code
| unencrypted. Once again a security risk.
|
| The only option I see left is using the DNSAPI from within C#. However
| this is where I'm a little lost. I've seen examples on the net where
| people have used the DNS_Query function, but no examples of anyone
| using the DnsModifyRecordsInSet function. (
|
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dns/dns/dnsmodifyrecordsinset.asp
| )
|
| I know that I have to declare the API in my C# code, and then also the
| various types have to be specified. This is where I'm lost. C# doesn't
| recognize HANDLE hContext.
|
A HANDLE is represented by an IntPtr type in .NET.

| Does anyone have any code examples on how to use the
| DNSModifyRecordsInSet function from within C#? Any assistance would be
| greatly appreciated.
|
| Screenbert
|
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Reverse DNS Lookup - Need Ability to specify which DNS Server is contacted. 1
DNS update via code. 9
DnsApi problems 1
DNSAPI Warning 1
EventId:11166 DNSApi 1
How to resolve MX record given a domain name 1
How to Bind A dynamic Drop Downlist In A Datalist 1
How Do i find the listed functions of DNSAPI 17

Back
Top