In this section, I'll
describe some useful programs designed to be run from a command line
that you can use to automate your DNS setup and configuration processes.
1. DNSCmd
The Windows Server 2003 Support Tools collection contains the DNSCmd utility, which is a great way to access some common DNS configuration-related functions through the power and speed of the command prompt. To get to DNSCmd, look in the Support\Tools directory on the Windows Server 2003 distribution CD for the file support.cab. Inside, copy and paste DNSCmd to a convenient location.
DNSCmd displays and changes the properties of DNS servers, zones, and resource records. Some operations of this tool work at the DNS server level while others work at the zone level. You can use DNSCmd on any Windows 2000 or XP computer as long as the user that is running the application is a member of the Administrators or Server Operators group on the target computer. Both the user account and the server computer must be members of the same domain or reside within trusted domains.
DNSCmd can be used in any of the following situations:
You want to retrieve information about a DNS server.
You want to begin the scavenging process.
You want to view information and contents of a DNS zone.
You want to create, remove, or "pause" zones.
You want to change the properties of a zone.
You want to add, delete, or enumerate records in a zone.
You use DNSCmd simply by specifying attributes and their values as part of a command. For example, to create a new standard primary zone called corp.hasselltech.local on a server named dc1.corp.hasselltech.local, stored in the file corp.hasselltech.local.dns, use the following syntax:
dnscmd dc1.corp.hasselltech.local /ZoneAdd corp.hasselltech.local /Primary /file corp.hasselltech.local.dns
I could have also chosen to make corp.hasselltech.local a secondary zone by replacing the /Primary switch with /Secondary, followed by the IP address of the master server from which the secondary will transfer the zone.
To create a new A record, I could issue the following command, which adds a record for a machine named www with an IP address of 192.168.1.23 to the zone on the same DNS server as in the previous example:
dnscmd dc1.corp.hasselltech.local /RecordAdd corp.hasselltech.local www A 192.168.1.23
You can see all of the zones on a target server by entering the following command:
dnscmd dc1.corp.hasselltech.local /enumzones
If you're experiencing some problems with replication and want to trigger the process manually, you can start it with the following command, which forces a secondary zone to check its master for updates (assuming you want to use the same server to begin the process as in the previous examples):
dnscmd dc1.corp.hasselltech.local /ZoneRefresh corp.hasselltech.local
Likewise, you might find yourself needing to manually age all of the records in a zone on a particular server. You can easily do so through DNSCmd using the following (the server name comes first, then the zone, as in the previous examples):
dnscmd dc1.corp.hasselltech.local /ageallrecords corp.hasselltech.local
You'll need to confirm your choice, and then the current time will be applied as the timestamp of all records in that zone.
You might also need to clear the DNS cache on a target server, which can be done using this command:
dnscmd dc1.corp.hasselltech.local /clearcache
To quickly stop and start the DNS process on the target computer, use the following command:
dnscmd dc1.corp.hasselltech.local /restart
If you want to export a particular zone to a file, you can issue the following command (no server name is given here, so dnscmd acts on the local server and the command should be run on the DNS server itself):
dnscmd /zoneexport corp.hasselltech.local corp.hasselltech.local.dns
And, finally, to delete a zone from a target server, use the following command:
dnscmd dc1.corp.hasselltech.local /zonedelete corp.hasselltech.local
2. DNSLint
Also on the distribution CD in Support Tools is DNSLint. DNSLint is a utility born out of the desire to automate the process of troubleshooting lame delegation issues and problems with AD replication caused by faulty DNS records. DNSLint is a great tool to make sure that every DNS server that holds records for your services has correct records and that there are no issues with those DNS servers' data. (And in case you're wondering, the name "DNSLint" comes from the idea that lint is something you find in your blue jeans after they come out of the dryer. When you find lint, it is useless and perhaps even embarrassing, meaning you probably quickly discard it. You should do the same with outdated or inaccurate DNS records for critical machines on your network.)
The best thing to do from the start is to create a standard report on any given DNS domain, using the following:
dnslint /d hasselltech.local /v
DNSLint produces an HTML-based report and then starts Internet Explorer to display the result. The results are color-coded with warnings in amber and errors in red for easy scanning. (You can elect to get a text-based report, if you prefer.) The report generated by the previous command will show a detailed listing of each DNS server for the domain you specified (hasselltech.local in the previous command) and indicate whether or not the server responds to a query on port 53, which is the standard DNS port. It will tell you how it found each server, and it will also list each server that reports authoritatively. You will also see Mail Exchanger (MX) records in the zone, which is a useful addition to help with troubleshooting SMTP routing problems.
If you are specifically having email
difficulties, you can use DNSLint to determine whether a designated
email server listens on the correct port. Use the following command:
dnslint /d domainname.tld /c
The report generated by that command will list
whether a server indicated in an MX record is listening for SMTP, POP3
and IMAP4 requests, and will also show the SMTP header returned by the
server to help in diagnostics.
To assist in troubleshooting, the following functions are available in DNSLint:
dnslint /d domainname
This diagnoses potential causes of "lame delegation" and other related DNS problems. You'll receive an HTML-based report once the diagnosis is complete. Add /v for more information about how the DNS servers listed in the report were found. If you get errors saying that the domain specified is not listed with InterNIC, simply add the /s option, followed by the IP address of a DNS server that is authoritative for the domain, so that DNSLint queries that server instead of performing the InterNIC lookup.
dnslint /ql mylist.txt
This verifies a user-defined set of DNS
records on multiple DNS servers. You can specify in a simple text file
the sets of records you'd like to test. For example, the following tests
A, PTR, CNAME, and MX records for the domain name and IP address of a
fairly well-known company:
microsoft.com,a,r ;A record
207.46.197.100,ptr,r ;PTR record
microsoft.com,cname,r ;CNAME record
microsoft.com,mx,r ;MX record
dnslint /ad localhost
This verifies the DNS records on a specific host (in this case, the current machine) specifically used for Active Directory replication. If you get errors saying that the domain specified is not listed with InterNIC, simply add the /s option.
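As an added example (not code from the chapter), the following Python script ties the two tools together for the DNSCmd record-creation commands and the DNSLint /ql query-list format described above: it validates a list of hosts, builds the dnscmd /RecordAdd command lines in the form shown earlier, and emits a DNSLint /ql file in the name,type,r format so the new records can be verified. The server and zone names are the chapter's; the host list is constructed, and dnscmd itself is only invoked when run=True.

```python
"""Build the chapter's dnscmd /RecordAdd commands and a matching DNSLint /ql file."""
import ipaddress
import re
import subprocess

SERVER = "dc1.corp.hasselltech.local"   # chapter's example server
ZONE = "corp.hasselltech.local"         # chapter's example zone
LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")  # RFC 1123 host label


def validate_host(name, ip):
    """Reject bad labels or addresses before they are handed to dnscmd."""
    if not LABEL_RE.match(name):
        raise ValueError(f"bad host label: {name!r}")
    return str(ipaddress.IPv4Address(ip))  # raises ValueError on malformed input


def record_add_cmd(server, zone, name, ip):
    """argv for: dnscmd <server> /RecordAdd <zone> <host> A <ip>"""
    return ["dnscmd", server, "/RecordAdd", zone, name, "A", validate_host(name, ip)]


def dnslint_ql_lines(zone, hosts):
    """DNSLint /ql lines (name,type,r ;comment) checking each A and PTR, plus the zone MX."""
    lines = []
    for name, ip in hosts.items():
        lines.append(f"{name}.{zone},a,r ;A record for {name}")
        lines.append(f"{ip},ptr,r ;PTR record for {name}")
    lines.append(f"{zone},mx,r ;MX record")
    return lines


def provision(server, zone, hosts, run=False):
    """Return the argv list for every host; execute only when run=True (dry run by default)."""
    cmds = [record_add_cmd(server, zone, n, ip) for n, ip in hosts.items()]
    if run:
        for cmd in cmds:
            subprocess.run(cmd, check=True)  # a non-zero dnscmd exit raises CalledProcessError
    return cmds


if __name__ == "__main__":
    hosts = {"www": "192.168.1.23", "mail": "192.168.1.24"}  # constructed sample hosts
    for cmd in provision(SERVER, ZONE, hosts):
        print(" ".join(cmd))
    print("\n".join(dnslint_ql_lines(ZONE, hosts)))  # save as mylist.txt for dnslint /ql
```

The chapter shows only the record lines of a /ql file; check your copy's dnslint /? output for any header line naming the DNS server to query before feeding the generated list to dnslint /ql.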