1

We have a database server and web-dashboard currently accessed using the IP address that we need to access with a DNS name.

I don't have administrative access to the infrastructure. We're international, and most servers are accessed with Remote Desktop. We have a DNS server, but I don't have permissions to access it remotely.

Everywhere I looked assumes administrative control over the DNS server, or they'll tell you to setup your own DNS. I'm going to have to use one of the existing ones.

Is there a way to send a request from my PC to the DNS to register a new domain name to an IP address?

I feel like there must be, because device names are registered automatically as host names in the local DNS.

I can contact the administrative team, but they are difficult to work with.

8
  • 2
    "Is there a way?" Of course there is. But what you are asking is can non-admin users create zones, and the answer is no. The command is Add-DNSServerPrimaryZone. learn.microsoft.com/en-us/powershell/module/dnsserver/…
    – Greg Askew
    Commented Jul 9 at 8:46
  • 1
    What operating system are you using?
    – David
    Commented Jul 9 at 8:53
  • 1
    "because device names are registered automatically as host names in the local DNS" sounds like you're talking about some DNS server that is at the same time a DHCP server. Or maybe you're talking about LLMNR or the like.
    – Tom Yan
    Commented Jul 9 at 23:46
  • But what you really need is unclear. Sometimes you sounded like you need to "request" a domain name for a server. Sometimes you sounded like you just need a local record on a client (so that you don't need to type the IP address every time).
    – Tom Yan
    Commented Jul 9 at 23:52
  • 1
    >> "I can contact the administrative team, but they are difficult to work with." Your best course of action really is to do it through your IT/Admin function. Get your line management involved and their sign-off as this is work they want done. Write out clearly and exactly what you want done. Your IT team might feel like they are difficult to work with, but they would rather have you request DNS changes go through them than you doing "shadow" IT that they will have to unpick in the future when something breaks what you have done.
    – David
    Commented Jul 10 at 11:21

2 Answers

3

You can use the hosts file on each workstation that you want to reference to the database server. You need to update each workstation individually, and if the IP address changes, then you need to update each workstation again.

Using the hosts files is fraught with all sorts of problems and does not scale very well at all. So if this is a solution that is going to be used by many people, get in touch with your DNS administrators, and have them amend your DNS instead. You will need administrative access to each workstation in order to change the contents of the hosts file.

Also, you have not indicated whether this DNS server sits internally on your network, or externally. If it is external, you could register your new own domain name, and define the server as a host on your new domain name.

On Windows, the hosts file is located:

`c:\windows\system32\drivers\etc\hosts`

On Linux, the hosts file is located:

`/etc/hosts`

On MacOSX, the hosts file is located:

`/private/etc/hosts`
2
  • I'm pretty sure you need to be an admin to edit /etc/hosts
    – Jasen
    Commented Jul 10 at 12:36
  • @jasen, yes, you need local admin rights, as I indicated in my answer.
    – David
    Commented Jul 11 at 8:54
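
The maintenance problem described in the answer above (every workstation keeps its own copy, and a changed IP leaves old overrides behind) can be checked for mechanically. This is an added example, not part of the original answer: it parses hosts-file text and classifies each override against DNS. The sample data, `parse_hosts`, `find_drift` and the `dns_lookup` callable are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample: hosts-file text as it might look on one workstation.
SAMPLE_HOSTS = """\
127.0.0.1    localhost
::1          localhost
192.0.2.15   dashboard.corp.example db01   # web dashboard + database
192.0.2.99   reports.corp.example
not-an-ip    broken.corp.example
"""
# Constructed sample: what a DNS-only lookup returns for each name.
SAMPLE_DNS = {"dashboard.corp.example": {"192.0.2.15"},
              "reports.corp.example": {"192.0.2.42"}}

def parse_hosts(text):
    """Return {name: first IP listed for it}; names are case-insensitive."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()    # strip comment, split columns
        if len(fields) < 2:
            continue
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                              # malformed address: skip line
        for name in fields[1:]:
            table.setdefault(name.lower(), ip)    # assumption: first entry wins
    return table

def find_drift(hosts_text, dns_lookup):
    """Classify each non-loopback override against DNS.
    dns_lookup(name) must query DNS directly and return a set of IP strings;
    the system resolver is unsuitable because it reads the hosts file itself."""
    findings = []
    for name, ip in parse_hosts(hosts_text).items():
        if ipaddress.ip_address(ip).is_loopback:
            continue
        answers = dns_lookup(name)
        if not answers:
            status = "hosts-only"                 # name exists nowhere but here
        elif ip in answers:
            status = "redundant"                  # DNS already serves this name
        else:
            status = "stale"                      # DNS disagrees with the override
        findings.append((name, ip, status))
    return findings

def demo():
    return find_drift(SAMPLE_HOSTS, lambda n: SAMPLE_DNS.get(n, set()))
```
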
3

device names are also registered automatically as host names in the local DNS.

  • If you are talking about an Active Directory domain (where domain member PCs register themselves in DNS), this works via RFC 2136 dynamic updates that could be performed using the nsupdate tool from BIND. The default is to require Kerberos authentication – the GSS-TSIG option in nsupdate – and (as far as I know) will allow any valid user to register any host name by default.

    $ kinit [email protected]
    $ nsupdate <<-!
      gsstsig
      zone ad.example.com
      del test.ad.example.com 0 IN ANY
      add test.ad.example.com 3600 IN A 192.0.1.7
      add test.ad.example.com 3600 IN AAAA 2001:db8:1::7
      add test.ad.example.com 3600 IN TXT "Huntbook's webapp"
      send
    !
    

    (…I kind of suspect that the "admin" API used by the Active Directory DNS control panel (RSAT) follows the same security configuration, and would let you create new DNS entries from a GUI, but at the moment I can't verify that. You can install the RSAT GUI tools on Windows via "Add Feature" and have a try.)

  • On the other hand, if you are talking about a smaller office setup where any random device registers itself in the router's ".lan" or ".home"-style DNS domain, this actually works via DHCP – devices don't register themselves as such; they only provide their hostname as part of obtaining an IP address lease, and so the router only registers those hostnames that correspond to physical devices.

    In those networks, registering a second name is doable using e.g. a Linux macvlan to acquire a second DHCP lease for the machine, but honestly that's far too much into the weeds – consider that someone will need to understand and admin this setup after you.

2
  • Great answer, but won't the user need to have "DNS Admin" or higher privileges? Think hosts/computer accounts register themselves via the DHCP service. And AD DNS config is usually replicated via AD LDAP between DC's.
    – David
    Commented Jul 10 at 11:16
  • 1
    @David: "Think hosts/computer accounts register themselves via the DHCP service" – no they don't. It's probably an option if you run a "pure MS" network (i.e. MS DHCP and MS DNS), but it's very much a secondary option. The primary mechanism has always been RFC2136 dynamic updates, which leads to each AD-hosted zone having "Authenticated Users: Create Objects" in its zone-level ACL so that computer accounts could create entries for themselves. The defaults may have changed since the last time I investigated this, but in my tests with slightly-outdated AD, users could create entries too.
    Commented Jul 10 at 11:21
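
For anyone reviewing a capture of the RFC 2136 dynamic updates discussed in the answer above, this added example (not part of the original answer) parses an UPDATE message and lists which names it adds or deletes. The sample message is constructed to resemble the records in the nsupdate script and omits the TKEY/TSIG records a GSS-TSIG exchange carries; `parse_update` and `sample_update` are names chosen here.

```python
import struct
TYPES = {1: "A", 6: "SOA", 16: "TXT", 28: "AAAA", 255: "ANY"}

def read_name(msg, off, hops=0):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels = []
    while msg[off]:
        n = msg[off]
        if n & 0xC0 == 0xC0:                  # compression pointer: follow it
            if hops > 16:
                raise ValueError("compression pointer loop")
            tail, _ = read_name(msg, ((n & 0x3F) << 8) | msg[off + 1], hops + 1)
            return ".".join(labels + [tail]).rstrip("."), off + 2
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels), off + 1

def parse_update(msg):
    """Return (zone, [(action, name, type), ...]) for an RFC 2136 UPDATE."""
    _id, flags, zo, pr, up, _ad = struct.unpack("!6H", msg[:12])
    if (flags >> 11) & 0xF != 5 or zo != 1:   # opcode 5 = UPDATE, one zone
        raise ValueError("not a DNS UPDATE message")
    zone, off = read_name(msg, 12)
    zclass = struct.unpack("!H", msg[off + 2:off + 4])[0]
    off, ops = off + 4, []                    # skip ZTYPE (SOA) and ZCLASS
    for i in range(pr + up):
        name, off = read_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen
        if rclass == zclass:
            action = "add"
        elif rclass == 255:                   # class ANY: delete by name/type
            action = "delete-name" if rtype == 255 else "delete-rrset"
        else:                                 # class NONE (254): delete one RR
            action = "delete-rr" if rclass == 254 else "unknown"
        if i >= pr:                           # first `pr` RRs are prerequisites
            ops.append((action, name, TYPES.get(rtype, str(rtype))))
    return zone, ops

def sample_update(host="test.ad.example.com", zone="ad.example.com"):
    """Constructed message resembling the nsupdate script, without TKEY/TSIG."""
    enc = lambda n: b"".join(bytes([len(l)]) + l.encode() for l in n.split(".")) + b"\0"
    rrs = [(255, 255, 0, b""), (1, 1, 3600, bytes([192, 0, 1, 7])),
           (28, 1, 3600, bytes.fromhex("20010db8000100000000000000000007")),
           (16, 1, 3600, b"\x11Huntbook's webapp")]
    body = b"".join(enc(host) + struct.pack("!HHIH", t, c, ttl, len(d)) + d
                    for t, c, ttl, d in rrs)
    head = struct.pack("!6H", 0x1234, 5 << 11, 1, 0, len(rrs), 0)
    return head + enc(zone) + struct.pack("!HH", 6, 1) + body
```

The additional section, where a signed update carries its TSIG record, is counted in the header but not decoded here.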
