Add method of the PS_DnsServerSigningKey class
Adds a KSK or ZSK to the input zone.
Syntax
uint32 Add(
[in] string ZoneName,
[in] string Type,
[in] string CryptoAlgorithm,
[in] string ComputerName,
[in] uint32 KeyLength,
[in] datetime InitialRolloverOffset,
[in] datetime DnsKeySignatureValidityPeriod,
[in] datetime DSSignatureValidityPeriod,
[in] datetime ZoneSignatureValidityPeriod,
[in] datetime RolloverPeriod,
[in] string ActiveKey,
[in] string StandbyKey,
[in] string NextKey,
[in] string KeyStorageProvider,
[in] boolean StoreKeysInAD,
[in] boolean PassThru,
[out] DnsServerSigningKey cmdletOutput
);
Parameters
-
ZoneName [in]
-
Specifies name of the zone on which DnsSec operations are performed.
-
Type [in]
-
Specifies if the key is a KeySigningKey or a ZoneSigningKey.
-
CryptoAlgorithm [in]
-
Specifies the cryptographic algorithm used for key generation.
-
ComputerName [in]
-
Specifies an optional DNS server name.
-
KeyLength [in]
-
Specifies the length in bits of keys.
-
InitialRolloverOffset [in]
-
Specifies amount of time to delay the first scheduled key rollover. This allows for key rollovers to be staggered.
-
DnsKeySignatureValidityPeriod [in]
-
Amount of time that signatures covering DNSKEY record sets should be valid.
-
DSSignatureValidityPeriod [in]
-
Specifies amount of time that signatures covering DS record sets should be valid.
-
ZoneSignatureValidityPeriod [in]
-
Specifies amount of time that signatures covering all other record sets should be valid.
-
RolloverPeriod [in]
-
Specifies amount of time between scheduled key rollovers.
-
ActiveKey [in]
-
Specifies signing key pointer string for the KeySigningKey's active key.
-
StandbyKey [in]
-
Specifies signing key pointer string for the KeySigningKey's standby key.
-
NextKey [in]
-
Specifies signing key pointer string for the KeySigningKey's next key. This key will be used during the next key rollover event.
-
KeyStorageProvider [in]
-
Specifies the Key Storage Provider used to generate keys.
-
StoreKeysInAD [in]
-
If specified, stores the keys in Active Directory. Applicable only for AD integrated zones and the vendor of KeyStorageProvider is Microsoft. Not applicable otherwise.
-
PassThru [in]
-
True to return the object that was modified by the method. By default, this method does not generate any output.
-
cmdletOutput [out]
-
Receives and embedded instance of the DnsServerSigningKey class.
Requirements
| Minimum supported client |
None supported |
| Minimum supported server |
Windows Server 2012 |
| Namespace |
Root\Microsoft\Windows\Dns |
| MOF |
|
| DLL |
|