Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

API & Integration, DevOps,NetOps,SecOps

Reply

Multiple objects in request body

[ Edited ]
New Member
Posts: 1
1800     0

Hi,

 

Trying to add few PTR records using multiple object body request API, below is the payload snippet

[
 {
  'method': 'POST',
  'object': 'record:ptr',
  'data': {
     'view': 'default',
     'ipv4addr': '3.X.X.1',
     'ptrdname': 'ptr.infoblox.com'
  }
 },
 {
  'method': 'POST',
  'object': 'record:ptr',
  'data': {
     'view': 'default',
     'ipv4addr': '3.X.X.2',
     'ptrdname': 'ptr.infoblox.com'
  }
 },
 {
  'method': 'POST',
  'object': 'record:ptr',
  'data': {
     'view': 'default',
     'ipv4addr': '3.X.X.3',
     'ptrdname': 'ptr.infoblox.com'
  }
 }
]
...

Somewhere in the payload an IP is creating below issue, probably zone under delegation as shown below.

{
    "Error": "AdmConDataError: None (IBDataConflictError: IB.Data.Conflict:Cannot add records to a zone that is not authoritative)",
    "code": "Client.Ibap.Data.Conflict",
    "text": "Cannot add records to a zone that is not authoritative"
}

Is there a option to achieve below items,

1. Prevalidate all the IPs to check for delegation before implementing and gather only valid ones, then perform API call

2. Any option available in request API to skip those records which fail and proceed with other records in multiple object body request

 

Or any other suggestion would be much appreciated.

 

Thanks

Re: Multiple object body request

Moderator
Moderator
Posts: 306
1800     0

Based on the error you shared, it sound like there is no in-addr.arpa zone configured to hold these records.  DNS records can only be created within a parent zone that is confiugred as primary in the grid.  (with the exception of MS Sync zones).

Re: Multiple object body request

Adviser
Posts: 181
1800     0

Hi,

 

The request object does not give provision to skip some of the requests based on success/failure.

If you would like to prevalidate the IP address, this would have to be done using the programming language you are using before invoking this API.

 

Regards,

Krishna

Showing results for 
Search instead for 
Did you mean: 

Recommended for You