DNS

DNS zone types

I was looking at the DNS zones for a project I’m working on. I needed to discover the conditional forwarder zone and hence the IP address of the DNS server to which the forwarding was occurring.

The zone I wanted had a ZoneType of 4 which puzzled me.

I remembered showing code to create a conditional forwarder in PowerShell in Practice (www.manning.com/siddaway):

$ip = "192.168.40.1"
$zone = [WMIClass]"\\dc02\root\MicrosoftDNS:MicrosoftDNS_Zone"
$zone.Create("conditional.com", 3, $true, $null, $ip)

When creating a conditional forwarder you use 3 for the zone type, but when reading the zone you get a 4 as the zone type. Other zone types have similar differences:

Primary zone (forward or reverse lookup) = create as type 0 and read as type 1

Stub zone = create as type 2 and read as type 3

This is another of the oddities that make WMI so much fun to work with. Easy when you know what’s happening but confusing when you don’t – just like so much with WMI. Does the W stand for Weird?

The Windows Server 2012 DNS cmdlets make this sooooo  much easier.
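As an added example (not code from the original post), this reads zones back with the read-side ZoneType values listed above and reports where each conditional forwarder sends its queries, using the MasterServers property of MicrosoftDNS_Zone. The function name Get-ForwarderAudit, its -ApprovedTarget parameter and the sample zone objects are made up for illustration.

```powershell
# Read-side ZoneType values from the post (the create-side values differ).
$ReadZoneType = @{ 1 = 'Primary'; 3 = 'Stub'; 4 = 'Conditional forwarder' }

function Get-ForwarderAudit {   # hypothetical helper name
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)] $Zone,
        [string[]] $ApprovedTarget = @()   # addresses you expect to forward to
    )
    process {
        $code = [int]$Zone.ZoneType
        if ($code -ne 4) { return }        # 4 = conditional forwarder when reading
        foreach ($ip in $Zone.MasterServers) {
            [pscustomobject]@{
                Zone       = $Zone.Name
                ZoneType   = $ReadZoneType[$code]
                ForwardsTo = $ip
                Approved   = $ip -in $ApprovedTarget
            }
        }
    }
}

# Constructed sample objects standing in for MicrosoftDNS_Zone instances.
$sample = @(
    [pscustomobject]@{ Name = 'Manticore.org';   ZoneType = 1; MasterServers = @() }
    [pscustomobject]@{ Name = 'conditional.com'; ZoneType = 4; MasterServers = @('192.168.40.1') }
    [pscustomobject]@{ Name = 'partner.example'; ZoneType = 4; MasterServers = @('203.0.113.53') }
)
$sample | Get-ForwarderAudit -ApprovedTarget '192.168.40.1' | Format-Table -AutoSize

# Against a live server (dc02 is the server name used in the post):
# Get-CimInstance -ComputerName dc02 -Namespace root\MicrosoftDNS -ClassName MicrosoftDNS_Zone |
#     Get-ForwarderAudit -ApprovedTarget '192.168.40.1'
```

A forwarder whose Approved column is False is one to check against your change records.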

Creating DNS PTR records

When I was writing the DNS chapter of PowerShell in Practice I couldn’t get the CreateInstanceFromPropertyData method on the MicrosoftDNS_PTRType class to work. Revisiting DNS for AD Management in a Month of Lunches, this time round I have access to the CIM cmdlets so I can put the parameter names in. This gives usage like this. I’ve shown Invoke-WmiMethod and Invoke-CimMethod so you can see the parameter names:

Invoke-WmiMethod -Namespace root\MicrosoftDNS -Class MicrosoftDNS_PTRType `
-Name CreateInstanceFromPropertyData `
-ArgumentList "175.168.192.in-addr.arpa", 'server02', '55.175.168.192.in-addr.arpa',
"ADMLServer02.admldns.test" 

Invoke-CimMethod -Namespace root\MicrosoftDNS -ClassName MicrosoftDNS_PTRType `
-MethodName CreateInstanceFromPropertyData `
-Arguments @{Containername = "175.168.192.in-addr.arpa";
DnsServerName = 'server02'; OwnerName = '55.175.168.192.in-addr.arpa';
PTRDomainName ="ADMLServer02.admldns.test"}

 

If you have access to Windows 2012 then you are better off using the cmdlet:

Add-DnsServerResourceRecordPtr -Name '54' `
-ZoneName "175.168.192.in-addr.arpa" `
-PtrDomainName 'ADMLServer01.admldns.test' `
-ComputerName server02

 

Whichever method you use – you can easily create PTR records.

DnsClient module: #2 DnsClient & Cache

The DnsClient module has a number of Get- cmdlets

Get-DnsClient | Format-List InterfaceAlias, ConnectionSpecificSuffix, Register*, UseSuffix*

An example of the output is

InterfaceAlias                 : Ethernet
ConnectionSpecificSuffix       :
RegisterThisConnectionsAddress : True
UseSuffixWhenRegistering       : False

Of more interest when troubleshooting is Get-DnsClientCache

PS> Get-DnsClientCache | select -f 1 | fl

Entry      : 14.54.10.10.in-addr.arpa
RecordName : 14.54.10.10.in-addr.arpa.
RecordType : PTR
Status     : Success
Section    : Answer
TimeToLive : 86400
DataLength : 4
Data       : Win7test

You get a number of ways to interrogate the cache

PS> Get-Command Get-DnsClientCache  -Syntax

Get-DnsClientCache [[-Entry] <string[]>] [-Name <string[]>] [-Type <Type[]>] [-Status <Status[]>]
[-Section<Section[]>] [-TimeToLive <uint32[]>] [-DataLength <uint16[]>] [-Data <string[]>]
[-CimSession <CimSession[]>][-ThrottleLimit <int>] [-AsJob] [<CommonParameters>]

It’s another CIM-based cmdlet, so you can use CimSessions to access remote machines. Very useful if you think the machine isn’t resolving DNS names properly.

DnsClient module: #1 Get-DnsClientServerAddress

Started to investigate the DnsClient module.  First cmdlet to catch my eye was Get-DnsClientServerAddress.

Always good to know a way to find the DNS server.

PS> Get-DnsClientServerAddress

InterfaceAlias               Interface Address ServerAddresses
                             Index     Family
--------------               --------- ------- ---------------
Bluetooth Network Connection        19 IPv4    {}
Bluetooth Network Connection        19 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}
WiFi                                12 IPv4    {192.168.1.1}
WiFi                                12 IPv6    {}
isatap.tiscali.co.uk                14 IPv4    {192.168.1.1}
isatap.tiscali.co.uk                14 IPv6    {}
Ethernet                            13 IPv4    {}
Ethernet                            13 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}
Loopback Pseudo-Interface 1          1 IPv4    {}
Loopback Pseudo-Interface 1          1 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}
Teredo Tunneling Pseudo-I...        15 IPv4    {}
Teredo Tunneling Pseudo-I...        15 IPv6    {}

Now that’s OK but I’d like a bit more information – especially the adapter and IP version. We can get that data using Get-NetAdapter from the NetAdapter module.

Get-DnsClientServerAddress |             
where {$_.ServerAddresses -and $_.InterfaceAlias -notlike "Loop*" }|            
foreach {            
 $nic = $_            
 Get-NetAdapter -IncludeHidden -InterfaceIndex $($nic.InterfaceIndex) |            
 Add-Member -MemberType NoteProperty -Name ServerAddresses -Value $($nic.ServerAddresses) -PassThru |            
 Add-Member -MemberType NoteProperty -Name AddressFamily -Value $(if ($nic.AddressFamily -eq 2){"IPv4"}else{"IPv6"} ) -PassThru|            
 select Name, InterfaceDescription, ifIndex, Status, MacAddress, LinkSpeed, AddressFamily, ServerAddresses             
 }

 

I restricted the output to those interfaces that had DNS server addresses. Used the interface to get the adapter – notice the use of –IncludeHidden – and then used Add-Member to add the addresses and Address family to the data.

These may be CDXML cmdlets but they work the same as any other cmdlet

Finding the primary name of a DNS alias record

A forum question asked how to find the primary name from an alias or CNAME record.

Get-WmiObject -Namespace 'root\MicrosoftDNS' -Class MicrosoftDNS_CNAMEType `
-Filter "ContainerName = 'Manticore.org'" -ComputerName server02  |             
select @{N='Alias'; E={$_.Ownername}}, Primaryname            

 

Use the MicrosoftDNS_CNAMEType class. Filter on the domain, i.e. ContainerName. ComputerName holds the DNS server name.

Change OwnerName to Alias in a select calculated field.

Get Global Catalog from DNS

One option for finding global catalog servers is often overlooked – DNS. In an AD environment DNS stores the SRV records that advertise the services domain controllers can deliver.

$dnsserver = "dc02"            
Get-WmiObject -Namespace 'root\MicrosoftDNS' -Class  MicrosoftDNS_SRVType `
-ComputerName $dnsserver -Filter "ContainerName = 'Manticore.org'" |             
Where {$_.OwnerName -like "_gc*"} |            
select TextRepresentation

We are interested in the ‘root\MicrosoftDNS’ name space and the MicrosoftDNS_SRVType records. We want the manticore.org zone and all records where the Ownername is like “_gc*”

The results look like this

_gc._tcp.Site1._sites.Manticore.org IN SRV 0 100 3268 dc02.manticore.org.

_gc._tcp.Site1._sites.Manticore.org IN SRV 0 100 3268 server02.manticore.org.  
_gc._tcp.Manticore.org IN SRV 0 100 3268 dc02.manticore.org.  
_gc._tcp.Manticore.org IN SRV 0 100 3268 server02.manticore.org. 
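As an added example (not code from the original post), this splits the TextRepresentation strings shown above into site, priority, weight, port and target so the advertised global catalog servers can be compared with the domain controllers you expect. The function name ConvertFrom-SrvText is made up for illustration; the sample lines are the results shown above.

```powershell
function ConvertFrom-SrvText {   # hypothetical helper name
    param([Parameter(Mandatory = $true, ValueFromPipeline = $true)][string] $Text)
    process {
        # Layout: owner IN SRV priority weight port target
        $pattern = '^(?<owner>\S+)\s+IN\s+SRV\s+(?<pri>\d+)\s+(?<weight>\d+)\s+(?<port>\d+)\s+(?<target>\S+)$'
        if ($Text.Trim() -notmatch $pattern) {
            Write-Warning "Skipping non-SRV text: $Text"
            return
        }
        # Site-specific records carry the site name before "._sites.";
        # [regex]::Match is used here so $Matches is left untouched.
        $s = [regex]::Match($Matches.owner, '\._tcp\.([^.]+)\._sites\.', 'IgnoreCase')
        $site = if ($s.Success) { $s.Groups[1].Value } else { '(domain-wide)' }
        [pscustomobject]@{
            Owner    = $Matches.owner
            Site     = $site
            Priority = [int]$Matches.pri
            Weight   = [int]$Matches.weight
            Port     = [int]$Matches.port
            Target   = $Matches.target.TrimEnd('.')
        }
    }
}

# The four result lines from the post, used as sample input.
$lines = @(
    '_gc._tcp.Site1._sites.Manticore.org IN SRV 0 100 3268 dc02.manticore.org.'
    '_gc._tcp.Site1._sites.Manticore.org IN SRV 0 100 3268 server02.manticore.org.'
    '_gc._tcp.Manticore.org IN SRV 0 100 3268 dc02.manticore.org.'
    '_gc._tcp.Manticore.org IN SRV 0 100 3268 server02.manticore.org.'
)
$records = $lines | ConvertFrom-SrvText
$records | Format-Table Site, Priority, Weight, Port, Target -AutoSize

# Distinct hosts advertising the global catalog service
$records | Select-Object -ExpandProperty Target -Unique
```

With live data, pipe the query above through `Select-Object -ExpandProperty TextRepresentation` into the function instead of using `$lines`.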

Scripting Guy Blog

 

The Scripting Guys are having a guest blogger week and first up is me blogging about managing DNS with PowerShell and WMI

http://blogs.technet.com/b/heyscriptingguy/archive/2010/09/13/manage-dns-in-a-windows-environment-by-using-powershell.aspx

Enjoy

PowerShell UG – June meeting slides and recording

Thanks to everyone who joined the Live Meeting this evening – especially for the questions 🙂

The slides and demo script are available for download from:

http://cid-43cfa46a74cf3e96.office.live.com/browse.aspx/PowerShell%20User%20Group/2010%20June

 

The recording of the session is available from:

Richard Siddaway has invited you to view a Microsoft Office Live Meeting recording.
View Recording
Recording Details
    Subject: PowerShell and DNS
    Recording URL: https://www.livemeeting.com/cc/usergroups/view
    Recording ID: NPP98R
    Attendee Key: Dj\J_)4}g

PowerShell UG Meeting: DNS


When: Tuesday, Jun 29, 2010 7:30 PM (BST)


Where: Live Meeting webcast


Meeting will cover DNS, DNS best practice analyser, DNS WMI provider and DNSShell cmdlets from codeplex


PowerShell for DNS

I’ve blogged on a number of occasions on how to use the DNS WMI provider.

Life just got easier with the release of DnsShell. It’s a PowerShell 2.0 module containing cmdlets for working with DNS.

Underneath the covers there is a lot of WMI involved.

The module is still a work in progress but already includes useful functionality.  I’ll be giving it a try out soon.

The module can be downloaded from http://code.msdn.microsoft.com/dnsshell
