Partager via

Set method of the PS_DnsServerDnsSecZoneSetting class

  • Article

Specifies the NSEC/NSEC3 and other advanced DNSSEC settings for a zone.

Syntax

uint32 Set(
  [in]  string                     ZoneName,
  [in]  string                     DenialOfExistence,
  [in]  string                     NSec3HashAlgorithm,
  [in]  uint16                     NSec3Iterations,
  [in]  boolean                    NSec3OptOut,
  [in]  uint8                      NSec3RandomSaltLength,
  [in]  string                     NSec3UserSalt,
  [in]  string                     DistributeTrustAnchor[],
  [in]  boolean                    EnableRfc5011KeyRollover,
  [in]  string                     DSRecordGenerationAlgorithm[],
  [in]  datetime                   DSRecordSetTtl,
  [in]  datetime                   DnsKeyRecordSetTtl,
  [in]  datetime                   SignatureInceptionOffset,
  [in]  datetime                   SecureDelegationPollingPeriod,
  [in]  datetime                   PropagationTime,
  [in]  boolean                    ParentHasSecureDelegation,
  [in]  string                     ComputerName,
  [in]  boolean                    PassThru,
  [out] DnsServerDnsSecZoneSetting cmdletOutput
);

Parameters

ZoneName [in]

Name of the zone on which DnsSec operations are performed.

DenialOfExistence [in]

This setting is used by the DNS server to provide a signed proof of unregistered name in the DNS database.

NSec3HashAlgorithm [in]

NSEC3 hash algorithm. Default value is always 1.

NSec3Iterations [in]

NSEC3 iterations. Default value is 50.

NSec3OptOut [in]

NSEC3 opt-out. Default value is FALSE.

NSec3RandomSaltLength [in]

Random salt length in octets. Default is 8.

NSec3UserSalt [in]

User salt string. Default is NULL or -.

DistributeTrustAnchor [in]

Specifies if trust anchors should be published. Default is None.

EnableRfc5011KeyRollover [in]

Specifies if RFC 5011 key rollover is enabled. Default is FALSE.

DSRecordGenerationAlgorithm [in]

DS record generation algorithm. Valid values are: Sha1, Sha256 and Sha384. Default is Sha1.

DSRecordSetTtl [in]

DS Record Set TTL. Default is same as zone TTL.

DnsKeyRecordSetTtl [in]

TTL of DNS Key Record.

SignatureInceptionOffset [in]

Signature inception. Default is 1 hour.

SecureDelegationPollingPeriod [in]

Delegation polling period. Default is 12 hours.

PropagationTime [in]

Propagation time. Default is 2 days.

ParentHasSecureDelegation [in]

If parent has secure delegation.

ComputerName [in]

Optional DNS server name.

PassThru [in]

true to return the current instance in the CmdletOutput parameter. The default is false.

cmdletOutput [out]

On return, contains an instance of the current object. This parameter returns a value only if PassThru is set to true.

Requirements
Minimum supported client
 None supported
Minimum supported server
 Windows Server 2012
Namespace
 Root\Microsoft\Windows\Dns
MOF
DnsServerPSProvider.mof
DLL
DnsServerPSProvider.dll

See also

PS_DnsServerDnsSecZoneSetting