Windows 2008 has an improved user interface for DNS. The main console includes details of a records time stamp and whether or not the record is Static. Life isn’t quite so easy with Windows 2003. However, as each static record has a time stamp set to 0 they can be found with a little work.

When using an Active Directory Integrated zone records are stored within Active Directory as dnsNode objects. The Time Stamp value is encoded along with the rest of the record properties (TTL, etc) in the dnsRecord attribute on the dnsNode. The attribute is a Binary Large Object (BLOB), Microsoft do not currently publish references or maps for these attributes. WMI queries can be used as an alternative.

The DNS management console

To see the current time stamp, and whether a record is dynamic or not first enable View / Advanced in the DNS console. For each record that makes an additional tick box and text box visible.

The record below is dynamic, if the box is not ticked, and the time stamp field is blank the record is static. That means that unticking the box stating the record can be scavenged changes the record to static.

DNSCMD

DNSCMD installs along with the Windows Support Tools. It can be used to identify static records, although it can be very difficult pulling the results out of a list like this.

For example:

WMIC

WMIC, Windows Management Instrumentation Command-Line, will install the first time it is run. As the name suggests, it allows execution of WMI queries on the command line.

Or

VbScript

This VbScript snippet echoes each static record, it is works best when run with cscript.

PowerShell

The same search can be used for any record type, by changing the WMI class. The options most likely to be useful are:

  • MicrosoftDNS_AType – Address or Host records
  • MicrosoftDNS_CNAMEType – Alias records
  • MicrosoftDNS_MXType – Mail Exchanger records
  • MicrosoftDNS_NSType – Name Server records
  • MicrosoftDNS_SRVType – Service records
  • MicrosoftDNS_PTRType – Pointer records (Reverse Lookup zone)

1 Comment

  1. On your powershell script this line is incorrect -Namespace “rootMicrosoftDNS” it should be -Namespace “rootMicrosoftDNS” There may be a problem with the other examples as well, but I did not run the code to verify.

    Fix that then it works great.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *