Scripting DNS entries


For reasons to do with DR we needed to change our IP addressing scheme, either for our servers or for our PCs and printers and what not. Obviously changing PCs and printers was a whole lot easier due to the possible issues of inept developers’ hard coding IP addresses causing no end of problems with re-addressing the servers.

This has entailed changing all the DNS entries for our printers, (whatever happened to the paperless office?) That in itself is no real challenge, they all have web interfaces so a quick connect and amend the setting then next printer.
Updating the DNS entries was going to be a bit tiresome so I did a quick Google on how to do this with a script and up popped DNSCMD.

You can run this from a CMD box on your PC, the main options you need to know are /recorddelete and /recordadd.

To delete a record you simple need to type

dnscmd <ServerName> /recorddelete <ZoneName> <NodeName> <RRType> <RRData>[/f]

What does all that mean?

Well if you have DNS record on DNS server called DNS01 for a printer called HP1 in the zone company.com and the record type is A and IP address of 10.0.0.1, then to delete it type

dnscmd DNS01 /recorddelete company.com HP1 A 10.0.0.1

And its job done. 
"But what's that /F thingy at the end for?" you may well ask. Well if you include that it won't ask if you’re sure you want to do this, if you knock up a batch file with 50 or so entries in it you'll need that at the end or it will fail. This will remove the PTR record as well.

To add new entries in you just do a 

dnscmd [<ServerName>] /recordadd <ZoneName> <NodeName> <RRType> <RRData>

Or with the same details as above

dnscmd DNS01 /recordadd company.com HP1 A 10.0.0.1

There is no /f switch needed here.
If you need to create a PTR record at the same time you can, all the stuff on the web suggest running a second /record add with the reverse look up zone and a PTR as the record type. Something like

dnscmd DC01 /recordadd 0.0.10.in-addr.arpa. 10 PTR HP1.company.com

However there is a much easier way, you can simply add the /CreatePTR switch to the original command line so it looks like

dnscmd DNS01 /recordadd company.com HP1 /CreatePTR A 10.0.0.1

This will add a normal resource record and the PTR record at the same time; it’s like a buy one, get one free offer at the local supermarket.

There is a lot of stuff you can do with DNSCMD a good place to look is the Microsoft Technet article at http://technet.microsoft.com/en-us/library/cc772069%28WS.10%29.aspx#BKMK_15. This is actually under the AZ list of command line references for server 2008/2008R2 so you may wish to do some book marking. Some other ones that are worth a look are DSADD, DSQuery, DSMOD for doing stuff in AD and another really useful one is FORFILES that allows you to carry out an action on a set of files that meet certain criteria, I use this to delete files older than a set number days in a particular folder running from task scheduler, it is handy way to stop those IIS log files getting out of hand, though you could move them to another drive or anything you can run from the commend line such as zipping them up.

Comments

  1. Anonymous30 April 2013 at 09:06

    The above commands errors out with the below error:

    Command failed: DNS_WARNING_PTR_CREATE_FAILED 9715 0x25F3

    ReplyDelete
  2. Lorribot30 April 2013 at 20:11

    Sorry it didn't work for you. I assume it was teh pointer creation that failed looking at the error message. WIthout knowing your environment or the exact command line you entered it is difficult to know why it failed. have you tried bith of the pointer creation commands listed?

    ReplyDelete
  3. Anonymous16 August 2013 at 19:23

    Is there a way to remove both the record and its corresponding PTR in the reverse lookup zone with a single command?

    I mean can I run something like

    dnscmd DNS01 /recordDelete company.com HP1 /removePTR A 10.0.0.1

    ReplyDelete
  4. Anonymous21 August 2014 at 09:04

    any update on deleting both records in one command?

    ReplyDelete
  5. Anonymous15 December 2014 at 12:16

    dnscmd DNS01 /recordDelete company.com HP1 A 10.0.0.1

    deletes both A and PTR

    ReplyDelete

Post a Comment

Popular posts from this blog

Enterprise Vault - Failed Exchange Task

Here's another weird one. Enterprise Vault, we use this for e-mail archiving. It does a reasonable job. Probably no better or worse than any similar product. A couple of days ago I noticed that there was warning that it hadn't archived anything from one of our mailbox servers for a couple of days, not big issue as there is just a couple mailboxes on there as it used for testing at the moment. I had a look at the associated task and it was stopped. Started it and it failed. Error in the event log looked something like below The Task 'Exchange Mailbox Archiving Task for EXCH' failed to log on to Exchange server 'EXCH' using mailbox 'SMTP:EnterpriseVault@symantec.local'. Please ensure the mailbox has not been hidden, that the server is running and that the Vault account has sufficient permissions on the server. I went through every conceivable setting in AD, EV and Exchange trying to work out what had happened and why it wasn't working on thi
Read more

Windows Phone to iPhone - a painful transition

Windows Phone died a death due to a whole heap of incompetence from Microsoft.  My phone was an old Nokia 925, about 4 1/2 years old and bought and paid by my company. There were always low requirements for company phones, if it rung and you answered it, all was good. Then Hangouts reared its head (Google want to destroy MS, so WP support) but third-party support gave a stay of execution. The final nail was a requirement for out of hours support software that had no app for Windows Phone. I had to be “downgraded” to an iPhone 6s (yes, it is a low spec 2 version old iPhone, better hardware than my 925 but not really up there as a current version, how my company loves their staff, buy expensive crap rather than cheap crap). Stuff that just worked on my old phone, now needs 'me' to be re-engineered to work the Apple way.  This is only slightly less bad than the Google eat all your life and sell it back to you way, but it is like stepping back in to the 1990s Microsoft way
Read more