Skip to main content

NOTAUTH error for nsupdates

chamelion
Hi all, I'm having a pretty frustrating time trying to update a zone file through nsupdate. I'm using centos with the latest WHM. I realise I can update through WHM but the script is doing something a bit more sophisticated based on some rules. My named.conf has a key defined: key "rndc-key" { algorithm hmac-md5; secret "THISISMYSECRET=="; }; I have a domain mydomain.com which is referenced twice in named.conf, once in the view "internal" and once in view "external." Both the zone entries are identical: zone "mydomain.com" { type master; file "/var/named/example.com.db"; allow-update { key rndc-key; }; }; Then, a simple nsupdate: #nsupdate >server localhost >key rndc-key THISISMYSECRET== >zone mydomain.com >update add test 86400 A 1.1.1.1 >send Output is: update failed: NOTAUTH I've tried changing the update add command, playing with: test (as above) test. test.mydomain.com test.mydomain.com. All of them yield the same NOTAUTH failure. Any tips?

Comments

5 comments

Date Votes
  • cPanelMichael
    Hello, I believe an allow-update entry is required under each zone entry for the individual domain names in the /etc/named.conf file. There's a third-party URL where this is discussed at: Things I wish I'd known about nsupdate and dynamic DNS updates Thank you.
    0
  • chamelion
    Hello, I believe an allow-update entry is required under each zone entry for the individual domain names in the /etc/named.conf file. There's a third-party URL where this is discussed at: Things I wish I'd known about nsupdate and dynamic DNS updates Thank you.

    Hi Michael, I already have an allow update entry which specifies the key required to update the zone file - see my original post? Thanks!
    0
  • cPanelMichael
    Hello, Would you mind opening a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome. Thank you.
    0
  • chamelion
    Hello, Would you mind opening a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome. Thank you.

    request ID 8160525 thanks!
    0
  • cPanelMichael
    Hello, To update, it looks like the issue was addressed with the help of our Technical Support team after some suggestions regarding the use of a fully qualified domain name after the "update add" command, and the addition of write permissions for the named group on the /var/named directory. Thank you.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post