Technitium DNS Manager in bash

Technitium DNS Manager: Complete Command-Line Guide + 2026 Enhancements

Meta Description:

Table of Contents

SectionDescription
What is Technitium DNS Manager?Overview and core capabilities
Why Choose tdns-mgr in 2026?Latest improvements and features
Complete API Coverage Explained100% endpoint implementation
Installation and SetupQuick start guide
Authentication and SecurityToken management and config
DNS Zone ManagementCreating and managing zones
Record Management and Bulk OperationsCSV imports and automation
High Availability ClusteringEnterprise-grade redundancy
DHCP Server IntegrationScope and lease management
Advanced FeaturesToday’s latest enhancements
Automation and DevOps IntegrationCI/CD pipeline examples
Troubleshooting Common IssuesSolutions and best practices
Performance Optimization TipsSpeed and efficiency
Security Best PracticesHardening your setup
FAQCommon questions answered
ConclusionFinal thoughts

What is Technitium DNS Manager?

Technitium DNS Manager (tdns-mgr) is a powerful, enterprise-grade command-line interface bash script designed for managing Technitium DNS Server through its comprehensive REST API. Released under the MIT License, this pure Bash script provides 100% API coverage of Technitium DNS Server Version 14.3+, enabling complete server management without requiring complex runtime dependencies or compilation like Python or Go.

Core Capabilities

The script delivers extensive functionality across multiple domains:

  • Complete DNS Zone Control: Create, modify, enable, disable, import, export, and delete DNS zones with support for Primary, Secondary, Stub, and Forwarder zone types
  • Comprehensive Record Management: Support for A, AAAA, CNAME, MX, TXT, NS, PTR, SRV, and CAA records with automatic PTR generation
  • Enterprise Clustering: Full cluster lifecycle management including initialization, joining, synchronization, and failover promotion
  • DHCP Server Integration: Manage scopes, leases, reservations, and dynamic-to-static conversions
  • DNSSEC Support: Complete cryptographic signing with multiple algorithms (RSA, ECDSA, EDDSA)
  • Apps Marketplace: Install, configure, and manage DNS Apps from Technitium’s ecosystem

tdns-mgr script Technical Architecture

Built with cross-platform portability as a priority, tdns-mgr utilizes the #!/usr/bin/env bash shebang for maximum portability across Linux distributions, macOS, and Unix-like systems. The tool requires only three standard dependencies—curl, jq, and awk—ensuring it runs on virtually any modern system without complex setup procedures.

The script architecture follows best practices with modular function design, comprehensive error handling, and intelligent dependency detection that automatically offers installation on supported platforms including Debian/Ubuntu, RHEL/CentOS, Alpine, Arch Linux, OpenSUSE, and macOS via Homebrew.

Why Choose tdns-mgr in 2026?

Enhanced Configuration Management: The tool now implements a hierarchical configuration precedence system that checks multiple locations in order:

  1. Command-line environment variables (highest priority)
  2. User configuration directory: ~/.config/tdns-mgr/.tdns-mgr.conf
  3. System-wide configuration: /etc/tdns-mgr/.tdns-mgr.conf
  4. Script directory configuration

Improved CSV Import Functionality

The record import feature now includes a sophisticated CSV parser built entirely in AWK for maximum compatibility. This enhancement handles:

  • Quoted fields containing commas
  • Windows-style line endings (CRLF)
  • Header row detection and automatic skipping
  • Comprehensive error reporting with JSON-formatted output
  • Automatic PTR record creation with the --ptr flag

The CSV import function now returns detailed statistics in JSON format, showing the count of successfully imported records, errors encountered, and specific error messages for troubleshooting.

Advanced Quiet Mode for Automation

The quiet mode (-q, --quiet, or --silent flags) has been refined to output pure JSON responses, making tdns-mgr perfect for integration with automation frameworks, monitoring systems, and CI/CD pipelines. This mode suppresses all informational output while preserving error messages to stderr, ensuring clean data streams for parsing with tools like jq.

Added debugging output

The debug (--debug flag) has been added to help when things aren’t working as expected. It provides verbose output of the API calls and responses, including full request and response bodies. It also includes cURL commands for easy reproduction. The configuration and environment variables being used will also be displayed.

Hierarchical Help System

Version 1.1.0 introduces a comprehensive help system with three distinct levels:

  • Summary Help: Quick overview with available topics
  • Topic-Specific Help: Detailed guidance for 11 command categories (Authentication, DNS, Cluster, Administration, DHCP, Apps, Blocked, Logging, DNSSEC, Settings, Client)
  • Verbose Help: Complete command reference in a single output

This structured approach reduces the learning curve and improves discoverability for both new users and those exploring advanced features.

Complete API Coverage Explained

One of tdns-mgr’s most compelling features is its 100% coverage of the Technitium DNS Server API. This means every functional endpoint exposed by the DNS server has a corresponding command in the CLI tool.

API Endpoint Categories

The tool implements ALL active API endpoints in Technitium Version 14.3 across 11 major categories:

CategoryEndpointsCommands
User Session & Authentication5login, logout, change-password, check-update
DNS Zones Management12create-zone, delete-zone, list-zones, enable-zone, disable-zone, import-zone, export-zone, export-zones, import-zones
DNS Records Management4add-record, update-record, delete-record, list-records, import-records
Cluster Management6cluster-init, cluster-join, cluster-status, cluster-leave, cluster-promote, cluster-resync
Administration (Users/Groups)15admin-user-list, admin-user-create, admin-user-delete, admin-group-list, admin-group-create, admin-group-delete, admin-perm-list, admin-session-list, admin-session-delete, admin-token-create
DHCP Server9dhcp-scope-list, dhcp-scope-get, dhcp-scope-set, dhcp-scope-enable, dhcp-scope-disable, dhcp-scope-delete, dhcp-lease-list, dhcp-lease-remove, dhcp-lease-convert
DNS Apps7app-list, app-install, app-uninstall, app-config-get, app-config-set
Blocked/Allowed Zones9blocked-list, blocked-add, blocked-delete, blocked-flush, allowed-list, allowed-add, allowed-delete, allowed-flush, blocklists-update
Logging & Statistics5log-list, log-download, log-query, stats-top, server-stats
DNSSEC Management3dnssec-sign, dnssec-unsign, dnssec-status
Settings & Configuration5settings-get, settings-set, zone-options-get, zone-options-set, catalog-list
DNS Client2client-resolve, query

Value of Complete Coverage

Complete API coverage means administrators can perform any task available in the web interface directly from the command line. This enables:

  • Full automation of DNS operations without GUI interaction
  • Scriptable workflows for complex multi-step operations
  • Integration with configuration management tools (Ansible, Terraform, Salt)
  • Monitoring and alerting through programmatic access to statistics
  • Disaster recovery with scriptable backup and restore procedures

Installation and Setup

Getting started with Technitium DNS Manager is straightforward, requiring minimal system preparation.

Prerequisites

Before installation, ensure your system has the following dependencies:

  • bash (version 4.0 or higher)
  • curl (for HTTP API calls)
  • jq (for JSON parsing)
  • awk (for CSV processing)

The script includes automatic dependency detection and can install missing packages on supported systems.

Installation Steps

Method 1: Manual Installation

 1# Download the script
 2wget https://github.com/burkeazbill/tdns-mgr/raw/main/tdns-mgr.sh
 3
 4# Make it executable
 5chmod +x tdns-mgr.sh
 6
 7# Move to system PATH
 8sudo mv tdns-mgr.sh /usr/local/bin/tdns-mgr
 9
10# Verify installation
11tdns-mgr --version

Method 2: Direct Execution

1# Clone the repository
2git clone https://github.com/burkeazbill/tdns-mgr.git
3cd tdns-mgr
4
5# Make executable
6chmod +x tdns-mgr.sh
7
8# Run directly
9./tdns-mgr.sh --help

Dependency Installation

When you first run tdns-mgr, it automatically checks for required dependencies. If any are missing, it prompts for installation with platform-specific package managers:

  • Debian/Ubuntu: apt-get install curl jq gawk
  • RHEL/CentOS/Fedora: dnf install curl jq gawk
  • Alpine Linux: apk add curl jq gawk
  • Arch Linux: pacman -S curl jq gawk
  • macOS: brew install curl jq gawk

Initial Configuration

After installation, configure your DNS server connection:

 1# Set server address
 2tdns-mgr config set server dns.example.com
 3
 4# Set port (default: 5380)
 5tdns-mgr config set port 5380
 6
 7# Set username (default: admin)
 8tdns-mgr config set user admin
 9
10# Authenticate
11tdns-mgr login

Configuration is saved to ~/.config/tdns-mgr/.tdns-mgr.conf with secure permissions (600).

Authentication and Security

Technitium DNS Manager implements secure token-based authentication aligned with best practices for API security.

Login Process

The tool supports both interactive and non-interactive authentication:

Interactive Login (prompts for password):

1tdns-mgr login

Non-Interactive Login (using environment variables):

1DNS_PASS="your_password" tdns-mgr login

Upon successful authentication, the server returns a bearer token that is automatically saved to the configuration file and used for all subsequent API calls.

Token Management

Authentication tokens are stored securely in the configuration file with restricted file permissions (chmod 600). The token is included in the HTTP Authorization header for all API requests:

1Authorization: Bearer <token>

Configuration File Security

The configuration file contains sensitive information including authentication tokens. The tool automatically sets proper permissions:

  • File location: ~/.config/tdns-mgr/.tdns-mgr.conf
  • Permissions: 600 (readable/writable only by owner)
  • Contents: DNS_SERVER, DNS_PORT, DNS_TOKEN, DNS_USER

Session Management

Administrators can manage active sessions through the admin commands:

1# List all active sessions
2tdns-mgr admin-session-list
3
4# Delete a specific session
5tdns-mgr admin-session-delete <partial_token>
6
7# Create long-lived API tokens
8tdns-mgr admin-token-create admin automation-token

Environment Variable Override

For enhanced security in automated environments, all configuration values can be overridden using environment variables, which take highest precedence:

1export DNS_SERVER="secure-dns.example.com"
2export DNS_PORT="5380"
3export DNS_TOKEN="your_secure_token"
4export DNS_USER="admin"

This approach prevents credentials from being stored on disk in shared or automated environments.

DNS Zone Management

Zone management forms the foundation of DNS operations, and tdns-mgr provides comprehensive control over all zone types.

Zone Types Supported

The tool supports all four Technitium DNS zone types:

  1. Primary Zones: Authoritative zones where records are directly managed
  2. Secondary Zones: Read-only copies synchronized from primary servers
  3. Stub Zones: Contain only NS records for delegation
  4. Forwarder Zones: Conditional forwarders for specific domains

Creating Zones

Primary Zone Creation:

1tdns-mgr create-zone example.com Primary

Secondary Zone Creation:

1tdns-mgr create-zone external.com Secondary

Stub Zone Creation:

1tdns-mgr create-zone external.com Stub

Conditional Forwarder:

1tdns-mgr create-zone corp.internal Forwarder

Zone Lifecycle Operations

Enable/Disable Zones:

1# Disable a zone temporarily
2tdns-mgr disable-zone example.com
3
4# Re-enable the zone
5tdns-mgr enable-zone example.com

Delete Zones (with confirmation prompt):

1tdns-mgr delete-zone old-domain.com

Zone Import and Export

BIND Format Export/Import:

1# Export single zone to BIND format
2tdns-mgr export-zone example.com example.com.zone
3
4# Import zone from BIND file
5tdns-mgr import-zone example.com example.com.zone

Bulk Zone Operations:

1# Export all zones to zip archive
2tdns-mgr export-zones backup-$(date +%Y%m%d).zip
3
4# Import all zones from backup
5tdns-mgr import-zones backup-20260102.zip

Zone Options Configuration

Advanced zone settings can be configured using the zone-options commands:

1# Get current zone options
2tdns-mgr zone-options-get example.com
3
4# Set zone transfer restrictions
5tdns-mgr zone-options-set example.com \
6    zoneTransfer=AllowOnlyZoneNameServers \
7    notify=ZoneNameServers

Record Management and Bulk Operations

DNS record management in tdns-mgr supports all common record types with both individual and bulk operation capabilities.

Supported Record Types

The tool provides full support for:

  • A - IPv4 address records
  • AAAA - IPv6 address records
  • CNAME - Canonical name (alias) records
  • MX - Mail exchanger records
  • TXT - Text records (SPF, DKIM, etc.)
  • NS - Name server records
  • PTR - Pointer records (reverse DNS)
  • SRV - Service locator records
  • CAA - Certification Authority Authorization

Adding Individual Records

Basic A Record:

1tdns-mgr add-record example.com www A 192.168.1.100

A Record with Custom TTL:

1tdns-mgr add-record example.com mail A 192.168.1.50 7200

Automatic PTR Creation:

1tdns-mgr add-record example.com server1 A 192.168.1.10 --ptr

The --ptr flag automatically creates the corresponding reverse DNS record and creates the PTR zone if it doesn’t exist.

IPv6 AAAA Record:

1tdns-mgr add-record example.com www AAAA 2001:db8::1

CNAME Alias:

1tdns-mgr add-record example.com ftp CNAME www.example.com

MX Record with Priority:

1tdns-mgr add-record example.com @ MX mail.example.com 10

CSV Bulk Import Feature

The enhanced CSV import functionality introduced in the 2026 update provides robust bulk record management.

CSV File Format:

1zone,name,type,value
2example.com,web,A,192.168.1.20
3example.com,db,A,192.168.1.21
4example.com,mail,CNAME,web.example.com
5example.com,@,TXT,"v=spf1 include:_spf.google.com ~all"

Import Command:

1# Basic import
2tdns-mgr import-records dns-records.csv
3
4# Import with automatic PTR creation
5tdns-mgr import-records dns-records.csv --ptr

Import Output:

The import function returns JSON-formatted statistics:

1{
2  "New Records": 45,
3  "Errors": 2,
4  "Message": "Completed with errors. Details: Failed server.example.com (CNAME): Record already exists; ..."
5}

CSV Parser Enhancements

The 2026 CSV parser improvements include:

  • Quoted field support: Handles commas within quoted values
  • Windows compatibility: Automatically strips carriage returns (CRLF)
  • Header detection: Skips header rows automatically
  • Comment support: Ignores lines starting with #
  • Error aggregation: Collects all errors for review

High Availability Clustering

Enterprise deployments require redundancy, and tdns-mgr provides complete cluster management capabilities for high-availability DNS infrastructure.

Cluster Architecture

Technitium DNS Server clustering uses a primary-secondary architecture with automatic synchronization. The cluster features:

  • Primary Node: Authoritative source for zone data
  • Secondary Nodes: Read-only replicas with automatic failover capability
  • Automatic Sync: Real-time replication of zone changes
  • Failover Promotion: Secondary nodes can be promoted to primary

Initializing a New Cluster

Primary Node Setup:

1tdns-mgr cluster-init cluster.example.com 192.168.10.10

This command:

  1. Initializes the cluster with the specified domain name
  2. Assigns the given IP address as the primary node
  3. Generates cluster synchronization credentials

Joining a Cluster

Secondary Node Join:

1tdns-mgr cluster-join https://primary.example.com:5380 \
2    192.168.10.11 admin <primary_password>

The join process:

  1. Authenticates with the primary node
  2. Registers the secondary node’s IP address
  3. Initiates initial zone synchronization
  4. Establishes continuous replication

Cluster Operations

Status Monitoring:

1# Get overall cluster status
2tdns-mgr cluster-status
3
4# Check specific node
5tdns-mgr cluster-status node2.cluster.example.com

Manual Synchronization:

1# Force resync from primary (run on secondary)
2tdns-mgr cluster-resync

Failover and Promotion

Promoting Secondary to Primary:

1# Graceful promotion
2tdns-mgr cluster-promote
3
4# Force promotion (if primary is unreachable)
5tdns-mgr cluster-promote true

Leaving the Cluster:

1# Graceful departure
2tdns-mgr cluster-leave
3
4# Force leave without notification
5tdns-mgr cluster-leave true

Cluster Best Practices

  1. Minimum 3 nodes: Deploy odd numbers of nodes for quorum
  2. Geographic distribution: Place nodes in different data centers
  3. Regular monitoring: Automate cluster status checks
  4. Network security: Use TLS and certificate validation
  5. Backup strategy: Maintain regular zone exports from primary

DHCP Server Integration

Beyond DNS services, tdns-mgr provides full DHCP server management capabilities for integrated network services.

DHCP Scope Management

Creating and Configuring Scopes:

 1# Basic scope creation
 2tdns-mgr dhcp-scope-set "Office Network" \
 3    192.168.1.100 \
 4    192.168.1.200 \
 5    255.255.255.0
 6
 7# Scope with additional options
 8tdns-mgr dhcp-scope-set "Office Network" \
 9    192.168.1.100 \
10    192.168.1.200 \
11    255.255.255.0 \
12    leaseTimeDays=7 \
13    routerAddress=192.168.1.1 \
14    dnsServers=192.168.1.10

Scope Lifecycle:

1# Enable scope
2tdns-mgr dhcp-scope-enable "Office Network"
3
4# Disable scope temporarily
5tdns-mgr dhcp-scope-disable "Office Network"
6
7# Delete scope
8tdns-mgr dhcp-scope-delete "Office Network"

Lease Management

Viewing Leases:

1# List all active leases
2tdns-mgr dhcp-lease-list

Removing Leases:

1# Remove specific lease by MAC address
2tdns-mgr dhcp-lease-remove "Office Network" 00:11:22:33:44:55

Reservation Management

Converting Leases:

1# Convert dynamic lease to reserved
2tdns-mgr dhcp-lease-convert "Office Network" \
3    00:11:22:33:44:55 Reserved
4
5# Convert reserved back to dynamic
6tdns-mgr dhcp-lease-convert "Office Network" \
7    00:11:22:33:44:55 Dynamic

This feature is invaluable for transitioning devices between dynamic and static IP assignments without reconfiguration.

Advanced Features

Today’s release of Technitium DNS Manager includes several advanced features that enhance functionality and usability.

Enhanced Error Handling

The script now implements comprehensive error handling with:

  • Colored output for visual clarity (red for errors, green for success, yellow for warnings)
  • Detailed error messages with context
  • JSON error responses preserved from API
  • Exit code propagation for automation

Improved CSV Import Engine

As detailed earlier, the CSV import functionality has been completely rewritten with:

  • AWK-based parser: Maximum compatibility across platforms
  • Robust field handling: Correctly processes quoted fields containing delimiters
  • Comprehensive error reporting: JSON output with detailed error messages
  • PTR automation: Automatic reverse DNS record creation

Configuration Hierarchy

The new multi-location configuration system provides flexibility:

Priority Order:

  1. Environment Variables (highest)
  2. ~/.config/tdns-mgr/.tdns-mgr.conf
  3. /etc/tdns-mgr/.tdns-mgr.conf
  4. ./tdns-mgr.conf (script directory)

This allows:

  • Per-user settings in home directory
  • System-wide defaults in /etc
  • Project-specific configs in current directory
  • Override capability via environment variables

Quiet Mode Refinements

The quiet mode (-q) has been optimized for automation:

  • Pure JSON output to stdout
  • Error messages only to stderr
  • No interactive prompts in quiet mode
  • Exit codes indicate success/failure

Example automation usage:

1# Extract specific data
2ZONE_COUNT=$(tdns-mgr -q list-zones | jq '.response.zones | length')
3
4# Conditional logic
5if tdns-mgr -q server-status > /dev/null 2>&1; then
6    echo "Server is running"
7fi

Help System Improvements

The hierarchical help system provides:

  • Summary view: Quick topic overview
  • Category help: Detailed command sets per topic
  • Verbose mode: Complete command reference
  • Example integration: Real-world usage patterns

Automation and DevOps Integration

Technitium DNS Manager excels in automation scenarios, making it ideal for DevOps workflows and infrastructure-as-code implementations.

CI/CD Pipeline Integration

GitHub Actions Example (Conceptual):

 1name: DNS Zone Deployment
 2on:
 3  push:
 4    paths:
 5      - 'dns-zones/**'
 6
 7jobs:
 8  deploy:
 9    runs-on: ubuntu-latest
10    steps:
11      - uses: actions/checkout@v3
12      
13      - name: Install Dependencies
14        run: |
15          sudo apt-get update
16          sudo apt-get install -y curl jq
17      
18      - name: Deploy DNS Records
19        env:
20          DNS_SERVER: ${{ secrets.DNS_SERVER }}
21          DNS_TOKEN: ${{ secrets.DNS_TOKEN }}
22        run: |
23          ./tdns-mgr.sh import-records dns-zones/records.csv

Ansible Integration

Ansible Playbook Example (Conceptual):

 1---
 2- name: Manage DNS Zones
 3  hosts: localhost
 4  tasks:
 5    - name: Create DNS Zone
 6      shell: |
 7        tdns-mgr create-zone {{ domain }} Primary
 8      environment:
 9        DNS_SERVER: "{{ dns_server }}"
10        DNS_TOKEN: "{{ dns_token }}"
11      
12    - name: Import DNS Records
13      shell: |
14        tdns-mgr import-records {{ records_file }}
15      environment:
16        DNS_SERVER: "{{ dns_server }}"
17        DNS_TOKEN: "{{ dns_token }}"

Terraform Provider (Conceptual)

While tdns-mgr doesn’t directly provide a Terraform provider, it can be used in local-exec provisioners:

1resource "null_resource" "dns_zone" {
2  provisioner "local-exec" {
3    command = "tdns-mgr create-zone ${var.domain} Primary"
4    environment = {
5      DNS_SERVER = var.dns_server
6      DNS_TOKEN  = var.dns_token
7    }
8  }
9}

Monitoring Integration

Prometheus Exporter Script:

 1#!/bin/bash
 2# Export DNS metrics for Prometheus
 3
 4STATS=$(tdns-mgr -q server-stats)
 5
 6echo "# HELP dns_total_queries Total DNS queries"
 7echo "# TYPE dns_total_queries counter"
 8echo "dns_total_queries $(echo "$STATS" | jq '.response.stats.totalQueries')"
 9
10echo "# HELP dns_total_blocked Total blocked queries"
11echo "# TYPE dns_total_blocked counter"
12echo "dns_total_blocked $(echo "$STATS" | jq '.response.stats.totalBlocked')"

Backup Automation

Automated Backup Script:

 1#!/bin/bash
 2# Daily DNS backup with retention
 3
 4BACKUP_DIR="/backups/dns"
 5DATE=$(date +%Y%m%d)
 6RETENTION_DAYS=30
 7
 8# Create backup
 9tdns-mgr export-zones "${BACKUP_DIR}/dns-backup-${DATE}.zip"
10
11# Move to backup directory
12mv "$BACKUP_FILE" /backups/dns/
13
14# Delete backups older than 30 days
15find /backups/dns/ -name "dns-backup-*.zip" -mtime +30 -delete
16
17# Verify backup
18if [ -f "${BACKUP_DIR}/dns-backup-${DATE}.zip" ]; then
19    echo "Backup successful: dns-backup-${DATE}.zip"
20else
21    echo "Backup failed!" >&2
22    exit 1
23fi

Troubleshooting Common Issues

Understanding common issues and their solutions ensures smooth operation of Technitium DNS Manager.

Authentication Failures

Issue: “Not authenticated” errors

Solutions:

  1. Verify server is accessible: tdns-mgr server-status
  2. Check credentials: tdns-mgr config show
  3. Re-authenticate: tdns-mgr login
  4. Verify token in config file: cat ~/.config/tdns-mgr/.tdns-mgr.conf

Connection Errors

Issue: “DNS Server is not accessible”

Solutions:

  1. Verify server address and port: curl http://server:5380
  2. Confirm correct DNS Protocol is specified in config (http/https)
  3. Check firewall rules
  4. Validate DNS resolution of server hostname
  5. Test with IP address instead of hostname

CSV Import Errors

Issue: Records fail to import

Solutions:

  1. Validate CSV format (zone,name,type,value)
  2. Check for Windows line endings (use dos2unix)
  3. Ensure zones exist before importing records
  4. Review error messages in JSON output
  5. Test with smaller batches to isolate problematic records

Permission Issues

Issue: “Failed to create config directory”

Solutions:

  1. Check home directory permissions: ls -la ~
  2. Manually create directory: mkdir -p ~/.config/tdns-mgr
  3. Verify user has write access
  4. Use alternate config location with environment variables

Dependency Problems

Issue: “Missing required dependencies”

Solutions:

  1. Install manually: sudo apt-get install curl jq gawk (Debian/Ubuntu)
  2. Verify PATH includes dependency locations: echo $PATH
  3. Check version compatibility: jq --version
  4. Use system package manager appropriate for your distribution

Performance Optimization Tips

Maximize efficiency when managing large DNS infrastructures with these optimization strategies.

Batch Operations

Use bulk imports instead of individual record additions:

1# Inefficient: 1000 individual commands
2for ip in $(seq 1 255); do
3    tdns-mgr add-record example.com "host${ip}" A "192.168.1.${ip}"
4done
5
6# Efficient: Single CSV import
7tdns-mgr import-records hosts.csv

Quiet Mode for Scripts

Enable quiet mode in automated scripts to reduce output, limiting to only json:

1# Standard mode (slower, verbose)
2tdns-mgr list-zones
3
4# Quiet mode (faster, JSON only)
5tdns-mgr -q list-zones | jq '.response.zones[] | .name'

Parallel Operations

Leverage GNU Parallel for concurrent operations:

1# Process multiple zones in parallel
2cat zones.txt | parallel -j 4 'tdns-mgr export-zone {} {}.zone'

Token Reuse

Avoid repeated logins by maintaining persistent tokens:

1# Set token once
2export DNS_TOKEN="your_long_lived_token"
3
4# Multiple operations without re-authentication
5tdns-mgr list-zones
6tdns-mgr server-stats
7tdns-mgr flush-cache

Local Configuration

Place config files in script directory for reduced lookup time:

1# Faster (direct file in script dir)
2cp ~/.config/tdns-mgr/.tdns-mgr.conf ./tdns-mgr/.
3
4# Slower (multiple location checks)
5# Relies on hierarchical search

Security Best Practices

Implement these security measures to protect your DNS infrastructure when using tdns-mgr.

Credential Management

  1. Never hardcode credentials in scripts
  2. Use environment variables for automation
  3. Rotate tokens regularly via admin-token-create
  4. Restrict config file permissions: chmod 600 ~/.config/tdns-mgr/.tdns-mgr.conf

Network Security

  1. Use HTTPS for API communication (configure Technitium with SSL)
  2. Restrict API access to specific IP addresses
  3. Deploy behind VPN for remote management
  4. Enable firewall rules limiting port 5380 access

Access Control

  1. Create dedicated users for automation: admin-user-create automation password123
  2. Assign minimal permissions through groups
  3. Monitor sessions: admin-session-list
  4. Audit token usage regularly

Audit Logging

  1. Enable query logging in Technitium settings
  2. Export logs regularly: log-download <date>
  3. Monitor for unauthorized changes
  4. Implement alerting on suspicious activity

Backup Security

  1. Encrypt backup files: Use gpg or openssl
  2. Store backups off-site with restricted access
  3. Test restore procedures regularly
  4. Maintain backup retention policies

FAQ

Q1: What operating systems does the Technitium DNS Manager bash script support?

The Technitium DNS Manager bash script is compatible with all Unix-like operating systems including Linux distributions (Debian, Ubuntu, RHEL, CentOS, Fedora, Alpine, Arch, OpenSUSE), macOS, and BSD variants. The script requires Bash 4.0+ and standard utilities (curl, jq, awk). Windows users can run it through WSL (Windows Subsystem for Linux).

Q2: How do I automate daily DNS backups with tdns-mgr?

Create a cron job that runs the export-zones command daily. Add this line to your crontab (crontab -e): 0 2 * * * /usr/local/bin/tdns-mgr export-zones /backups/dns/backup-$(date +\%Y\%m\%d).zip. This exports all zones at 2 AM daily to timestamped files. Combine with a cleanup script to maintain 30-day retention using find /backups/dns -mtime +30 -delete.

Q3: Can I manage multiple Technitium DNS servers with one installation?

Yes, use environment variables to switch between servers. Create separate configuration files or use: DNS_SERVER=server1.example.com DNS_TOKEN=token1 tdns-mgr list-zones and DNS_SERVER=server2.example.com DNS_TOKEN=token2 tdns-mgr list-zones. Alternatively, maintain multiple configuration files and specify which to use via environment variable overrides.

Q4: How does the CSV import handle errors?

The CSV import function processes all records and collects errors into a comprehensive report. It returns JSON output showing the count of successfully imported records, error count, and detailed error messages for each failed record. This allows you to identify and fix problematic entries without halting the entire import process.

Q5: What

Primary zones are authoritative zones where you directly manage DNS records. Secondary zones are read-only copies that automatically synchronize from a primary server (zone transfer). Use primary zones for domains you control directly and secondary zones when replicating from external authoritative servers. Technitium’s clustering feature uses a similar primary-secondary architecture for high availability.

Q6: How do I enable DNSSEC for my domains?

Use the dnssec-sign command: tdns-mgr dnssec-sign example.com. The default algorithm is ECDSA with P256 curve, suitable for most deployments. After signing, retrieve DS records with tdns-mgr dnssec-status example.com and submit them to your domain registrar. The DS records establish the chain of trust from the parent zone.

Conclusion

Technitium DNS Manager (tdns-mgr) represents the most comprehensive command-line tool available for managing Technitium DNS Server infrastructure. With 100% API coverage, the tool reduces the need for web GUI interaction while providing powerful automation capabilities for modern DevOps workflows.

The 2026 enhancements—including improved CSV imports, hierarchical configuration management, and refined quiet mode—make tdns-mgr an indispensable tool for system administrators managing DNS at scale. Whether you’re running a simple homelab or enterprise multi-site deployment with high-availability clustering, tdns-mgr provides the flexibility and power needed for professional DNS management.

The tool’s zero-dependency philosophy (requiring only standard Unix utilities), cross-platform compatibility, and comprehensive documentation lower the barrier to entry while maintaining enterprise-grade functionality. From bulk record imports to cluster failover automation, tdns-mgr delivers professional-grade DNS management through an intuitive command-line interface.

Get started today by downloading tdns-mgr from the official repository and experience the power of complete Technitium DNS automation. For detailed examples, refer to the comprehensive EXAMPLES.md documentation.