After fixing a couple of authentication bugs with Set-DnsRecord and New-DnsRecord I decided to make an attempt to finish off some of the zone and server CmdLets.

The module now contains these additional CmdLets.

  • Refresh-DnsZone – Implements the ForceRefresh method for Secondary Zones
  • Reload-ADDnsZone – Implements the UpdateFromDS method for AD Integrated Zones
  • Reload-DnsZone
  • Reset-DnsZoneType – Implements the ChangeZoneType method
  • Resume-DnsZone
  • Set-DnsZoneTransfer – Implements the ResetSecondaries method
  • Start-DnsScavenging
  • Start-DnsService
  • Stop-DnsService
  • Suspend-DnsZone – Implements the Pause method
  • Update-DnsZoneFile

As usual, the module can be downloaded from

DnsShell is my PowerShell module intended to help administer MS DNS. This is an alpha relaese, it may contain bugs, it should be tested in a safe environment first.

The module is currently available on MSDN.

The following CmdLets are implemented at this stage:

  • Get-Dns
  • Clear-DnsCache
  • Get-DnsRecord
  • Get-DnsServer
  • Get-DnsZone
  • New-DnsRecord
  • New-DnsZone
  • Remove-DnsObject
  • Set-DnsRecord
  • Get-ADDnsRecord

I am in the process of writing detailed CmdLet help, it will be made available as soon as possible.

Microsoft DNS is able to store records in Active Directory when running on a Domain Controller. The information is stored in a Binary Large Object (BLOB) called DNSRecord. No official maps for that attribute appear to have been published. The information below is a result of reverse engineering the contents of the attribute.

Michael Smith has a very pretty PowerShell script which uses the structures below, and a few more, to convert the DnsRecord attribute into a human readable format on his blog, Michael’s meanderings….

Update 02/02/2010: In December 2009, Microsoft released a protocol specification including details of dnsRecord and dnsProperty: MS-DNSP.pdf
More »