This post explains how to identify and report on stale records in a dynamically updated Microsoft DNS zone.

The time stamp taken from a DNS record represents the numbers of hours since 01/01/1601 00:00. The value can be converted into a useful date within a script. By default, all times are reported and tested in UTC.

A stale record is a record where both the No-Refresh Interval and Refresh Interval have passed without the time stamp updating. Ordinarily stale records would be removed by a Scavenging process. These scripts may be useful if trying to asses the impact of enabling Scavenging or reducing Aging intervals.

Listing stale records with VbScript

This script uses a WMI query to return all A records for a domain, then it sorts through each record, echoing when the time stamp is older than our pre-defined maximum age. The script will work best when run with cscript.

Listing stale records with PowerShell

This snippet uses Get-WMIObject and a improved query to return only stale records rather than sorting after returning all dynamic records.

A timespan value is generated to represent the minimum value of TimeStamp for valid records.

Reading Aging intervals with PowerShell

The Aging intervals and the date the zone can be scavenged set on a zone can be read using WMI using the MicrosoftDNS_Zone class. As with the TimeStamp the .AddHours method must be used to return a date.

Localisation

As mentioned at the beginning of this post, all times are reported in UTC by default. By calling a the ToLocalTime method the date returned can be converted to local time, using the time zone configured on the system executing the query.

Leave a Reply

Your email address will not be published. Required fields are marked *