Indented!

After fixing a couple of authentication bugs with Set-DnsRecord and New-DnsRecord I decided to make an attempt to finish off some of the zone and server CmdLets.

The module now contains these additional CmdLets.

• Refresh-DnsZone – Implements the ForceRefresh method for Secondary Zones
• Reload-ADDnsZone – Implements the UpdateFromDS method for AD Integrated Zones
• Reload-DnsZone
• Reset-DnsZoneType – Implements the ChangeZoneType method
• Resume-DnsZone
• Set-DnsZoneTransfer – Implements the ResetSecondaries method
• Start-DnsScavenging
• Start-DnsService
• Stop-DnsService
• Suspend-DnsZone – Implements the Pause method
• Update-DnsZoneFile

As usual, the module can be downloaded from code.msdn.microsoft.com/dnsshell.

A new version of DnsShell has been released, this release improves Get-ADDnsRecord and adds Get-ADDnsPartition and Get-ADDnsZone.

The updated release is available on MSDN as version 0.2.0.

code.msdn.microsoft.com/dnsshell

Basic help is available for each of the new CmdLets.

DnsShell is my PowerShell module intended to help administer MS DNS. This is an alpha relaese, it may contain bugs, it should be tested in a safe environment first.

The module is currently available on MSDN.

The following CmdLets are implemented at this stage:

• Get-Dns
• Clear-DnsCache
• Get-DnsRecord
• Get-DnsServer
• Get-DnsZone
• New-DnsRecord
• New-DnsZone
• Remove-DnsObject
• Set-DnsRecord
• Get-ADDnsRecord

I am in the process of writing detailed CmdLet help, it will be made available as soon as possible.

Microsoft DNS is able to store records in Active Directory when running on a Domain Controller. The information is stored in a Binary Large Object (BLOB) called DNSRecord. No official maps for that attribute appear to have been published. The information below is a result of reverse engineering the contents of the attribute.

Michael Smith has a very pretty PowerShell script which uses the structures below, and a few more, to convert the DnsRecord attribute into a human readable format on his blog, Michael’s meanderings….

Update 02/02/2010: In December 2009, Microsoft released a (not entirely accurate) protocol specification including details of dnsRecord and dnsProperty: MS-DNSP.pdf
more >>

The Global Query Block List is a feature of the DNS Service in Windows 2008 discussed on TechNet.

However, although it is advertised of as a feature of Windows 2008 DNS it is present in Windows 2003 from DNS version 5.2.3790.4460 and above, released with KB 961063.
more >>

DNS administration in PowerShell, including tasks like creating zones and adding Host (A) records, can be performed using the WMI interface. Full documentation for the interface is available from Microsoft in the DNS WMI Provider Reference.

I have released a PowerShell 2.0 module using the WMI provider here.
more >>

Using WMI it is possible to modify any existing record hosted on a Microsoft DNS Server. The method used varies slightly depending on which record type we want to change.
more >>

Taking advantage of the fact that DNS will always respond with an authoritative answer if it has one allows exceptions for single hosts. In essence, using DNS as a centralised hosts file.
more >>

This post explains how to identify and report on stale records in a dynamically updated Microsoft DNS zone.
more >>

Windows 2008 has an improved user interface for DNS. The main console includes details of a records time stamp and whether or not the record is Static. Life isn’t quite so easy with Windows 2003. However, as each static record has a time stamp set to 0 they can be found with a little work.
more >>