I have an ansible script that contains a powershell script (win_shell) to make changes to DNS on a Windows Server. The powershell script is as follows:
Add-DnsServerResourceRecordPtr -Name “46.228.20” -PtrDomainName PVDIMCSM40.intra.bca.co.id -ZoneName “10.in-addr.arpa”
This script is run by using a user I named ansidns which I have given the following permissions:
Winrm configSDDL default: Read & Execute
Computer management > WMI > Security
Root > CIMV2 : Execute methods, enable account, remote enable
Root > Microsoft > Windows > DNS : Execute methods, enable account, remote enableDNS Manager, in DNS Server zone: Read, Write, Create all child object
I give all the above permissions to descendant objects as well.
However, the following error appears after I run it:
Add-DnsServerResourceRecordPtr : Failed to create resource record 46.228.20 in zone 10.in
-addr.arpa on server KP1DOMDC06. At line:1 char:65 + [Console]::InputEncoding = New-Object
Text.UTF8Encoding $false; Add-DnsServer Res ... +
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +
CategoryInfo : PermissionDenied: (46.228.20:root/ Microsoft/...s ourceRecordPtr) [Add-
DnsServerResourceRecordPtr], CimException + FullyQualifiedErrorId : WIN32 5,Add-
DnsServerResourceRecordPtr
Does anyone have a solution to the above problem? What are the permissions I haven't added?
Thank you for the help