Grumpy Admin was asked today to do one of those simple management tasks in a domain that you don’t think twice about: add an A record to a DNS zone.
Having done this for years, it is quite simple: load the DNS Manager console on the server, find the correct zone, right-click, “Add New Record”, enter the details and you are done!
Very simple, but the boss made me laugh. He said “ha bet you can’t do that with your PowerShell!!!”
Well, in older versions of PowerShell and Windows Server he would have been right, but since Windows Server 2012 (and Windows 8 with the RSAT tools) the DnsServer module comes with the DNS role, so you can! So, once again to prove it to him, I thought I would revisit PowerShell DNS management. Revision is always good, especially as I plan to finally nail my MCSE next month!!! I will quickly go over how to:
Remove records from the DNS server
Create records on the DNS server
Run some tests against the DNS server
Show the DNS server cache
Clear the DNS server cache
Create and remove zones
Query some information/records from the server
The first thing Grumpy Admin does is, of course, Get-Command *Dns* (or Get-Command -Module DnsServer) to have a look at what we have to play with! Then, if we want to, we can use the old faithful Get-Help. There are other resources you can use too, like the DnsServer module pages on TechNet.
Let’s take a look at how to perform some of these operations from within PowerShell, starting with some basic information about the DNS server and the records it holds, via Get-DnsServer.
WOW, that is a lot of information about the DNS server. You no longer have to traverse dialog box after dialog box to see the server’s settings; just jump into PowerShell, run this, and chances are the configuration detail you were looking for is right there in the output!
Get-DnsServerCache gives some useful information as well, especially the TTL limits of the cache (MaxTtl and MaxNegativeTtl). LockingPercent is another useful figure: cache locking stops a cached record from being overwritten until that percentage of its TTL has passed, which blunts cache-poisoning attempts, so you want it at 100.
How about some usage stats? Easy: Get-DnsServerStatistics.
How about getting a list of just the DNS zones on the server, Grumpy Admin? Well, just our luck, there is a cmdlet for that as well: Get-DnsServerZone. See, not very difficult; sometimes you just need to look and find these things.
Again, very useful information. And don’t forget that because these commands are cmdlets, you can use them in scripts and on the pipeline. For example,
Great, so you can filter, sort and run operations on the results. Very powerful if used correctly.
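As an added example (my own code, not from the original post), here is the kind of pipeline those cmdlets make possible: an audit of every primary zone on the server for two settings an attacker looks for first, non-secure dynamic updates (any host on the network can rewrite records) and zone transfers to any server (the whole zone can be dumped with a single AXFR). The function name, the -Fix switch and the -ComputerName default are my assumptions; the cmdlets, parameter values and property names are those of the DnsServer module.

```powershell
# Added example, not from the original post. Needs the DnsServer module
# (Windows Server 2012+ DNS role, or RSAT on a client).
Import-Module DnsServer

function Get-DnsZoneExposure {
    <#
    .SYNOPSIS
    Lists primary zones whose dynamic-update or zone-transfer settings are
    weaker than they should be, and optionally tightens them.
    (Assumed function name; the cmdlets it calls are real.)
    #>
    [CmdletBinding()]
    param(
        [string]$ComputerName = $env:COMPUTERNAME,   # assumption: audit the local server
        [switch]$Fix                                  # apply the safe settings instead of only reporting
    )

    Get-DnsServerZone -ComputerName $ComputerName |
        Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
        ForEach-Object {
            $zone = $_
            # 'NonsecureAndSecure' lets any host on the network overwrite records;
            # 'TransferAnyServer' lets any host pull the whole zone with AXFR.
            $insecureUpdates = $zone.DynamicUpdate -eq 'NonsecureAndSecure'
            $openTransfer    = $zone.SecureSecondaries -eq 'TransferAnyServer'

            if ($Fix -and $openTransfer) {
                # Only the servers listed in the zone's own NS records may pull a copy.
                Set-DnsServerPrimaryZone -ComputerName $ComputerName -Name $zone.ZoneName `
                    -SecureSecondaries TransferToZoneNameServer
            }
            if ($Fix -and $insecureUpdates -and $zone.IsDsIntegrated) {
                # Secure (Kerberos-authenticated) updates need an AD-integrated zone;
                # a file-backed zone can only be set to None or NonsecureAndSecure.
                Set-DnsServerPrimaryZone -ComputerName $ComputerName -Name $zone.ZoneName `
                    -DynamicUpdate Secure
            }

            # Values are the ones read before any fix was applied.
            [pscustomobject]@{
                Zone              = $zone.ZoneName
                IsDsIntegrated    = $zone.IsDsIntegrated
                DynamicUpdate     = $zone.DynamicUpdate
                SecureSecondaries = $zone.SecureSecondaries
                InsecureUpdates   = $insecureUpdates
                OpenTransfer      = $openTransfer
            }
        }
}

# Report first; run again with -Fix once you are happy with what it would change.
Get-DnsZoneExposure | Sort-Object OpenTransfer, InsecureUpdates -Descending | Format-Table -AutoSize
```

Because the report is built from the objects Get-DnsServerZone returns, you can pipe it anywhere else too: Export-Csv for an audit trail, or Where-Object OpenTransfer to feed just the offenders into another script.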
So these are just some of the information-gathering cmdlets at your disposal when administering a DNS server from PowerShell. Let’s have a look at how to remove a DNS record.
At the start of this post I created a web A record. Let’s kill it! It was a mistake. DELETE, DELETE!!!
There are a few parameters we need to give it in order to delete the record. It needs to know the DNS zone, the name of the record and the type of record (RRType). As ever, let’s do a quick Get-Help on Remove-DnsServerResourceRecord.
We already know the record is an A record, so the RRType will be A. We know the zone is hazzy.co.uk and the record name is web! Two things to bear in mind: without -RecordData this removes every A record called web in the zone (a round-robin record with several addresses goes in one hit), and the cmdlet prompts for confirmation unless you add -Force.
Remove-DnsServerResourceRecord -ZoneName "hazzy.co.uk" -RRType "A" -Name "web"
As with most things Grumpy Admin does, let’s confirm that it is gone.
Let’s use the Get-DnsServerResourceRecord cmdlet.
Excellent, the web A record has been removed. Oh, actually, I really do need a web A record. Nothing for it! We are going to have to create this A record again!
A quick Get-Help on Add-DnsServerResourceRecord just to confirm the syntax, as is my custom when doing something like this.
Wow, there we go… a lot to take in…. But using this we can do the following!!
Add-DnsServerResourceRecord -ZoneName "hazzy.co.uk" -Name "web" -A -IPv4Address 10.0.0.4
Another check using Get-DnsServerResourceRecord to make sure that the record is now in the DNS zone. As you can see, the record exists 🙂 Excellent, coffee time? Not quite yet!
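The remove, add and verify cycle above, as an added example of my own (not the author’s code), wrapped so it is safe to re-run: it only removes A records that point at the wrong address, targets them by -RecordData so a multi-address record is not wiped out wholesale, skips the confirmation prompt with -Force, and reads the zone back at the end so you return what the server actually holds rather than what you asked for. The function name, the one-hour default TTL and the -ComputerName default are assumptions; the cmdlets and their parameters are the module’s own.

```powershell
# Added example, not from the original post.
Import-Module DnsServer

function Set-HostARecord {
    <#
    .SYNOPSIS
    Makes sure exactly one A record of the given name points at the given
    address, removing stale ones and leaving a matching one alone.
    (Assumed function name; cmdlets are real.)
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$ZoneName,
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][ipaddress]$IPv4Address,
        [timespan]$TimeToLive = [timespan]::FromHours(1),   # assumption: 1 h TTL
        [string]$ComputerName = $env:COMPUTERNAME           # assumption: local server
    )

    $wanted = $IPv4Address.ToString()

    # Get-DnsServerResourceRecord throws if the name does not exist; treat that as "no records".
    $existing = @(Get-DnsServerResourceRecord -ComputerName $ComputerName -ZoneName $ZoneName `
                    -Name $Name -RRType A -ErrorAction SilentlyContinue)

    $alreadyThere = $false
    foreach ($rec in $existing) {
        $current = $rec.RecordData.IPv4Address.ToString()
        if ($current -eq $wanted) {
            Write-Verbose "$Name.$ZoneName already points at $current, leaving it"
            $alreadyThere = $true
            continue
        }
        # -RecordData limits the delete to this one address; -Force skips the prompt.
        Write-Verbose "Removing stale A record $Name -> $current"
        Remove-DnsServerResourceRecord -ComputerName $ComputerName -ZoneName $ZoneName `
            -Name $Name -RRType A -RecordData $current -Force
    }

    if (-not $alreadyThere) {
        Write-Verbose "Adding A record $Name -> $wanted"
        Add-DnsServerResourceRecordA -ComputerName $ComputerName -ZoneName $ZoneName `
            -Name $Name -IPv4Address $IPv4Address -TimeToLive $TimeToLive
    }

    # Read back and return what the zone now contains for this name.
    Get-DnsServerResourceRecord -ComputerName $ComputerName -ZoneName $ZoneName -Name $Name -RRType A
}

Set-HostARecord -ZoneName 'hazzy.co.uk' -Name 'web' -IPv4Address 10.0.0.4 -Verbose
```

Add -WhatIf to the Remove-DnsServerResourceRecord call while testing and it will tell you what it would have deleted without touching the zone; add -CreatePtr to Add-DnsServerResourceRecordA if you also maintain the reverse zone.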
Sometimes you need to check the cache of a DNS server. Let’s do that now with Show-DnsServerCache!
Excellent. Oh, there is something in there that we don’t like; let’s clear the cache with Clear-DnsServerCache.
Done. Let’s recheck it, and as you will see there is not much left in the DNS cache! Now do a lookup of www.theregister.co.uk through this server (a ping from a client that uses it as its resolver will do) and we should see that name appear in the cache, just as a test to ensure the cache is working correctly!
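The cache check above, together with the LockingPercent figure from earlier, as an added example (my code, not the author’s): it clears the server cache, forces one lookup through the server under test rather than through whatever resolver the client happens to use, returns what landed in the cache for that name, and then reports whether cache locking and pollution protection are at their hardened values. The function names and the -ComputerName default are assumptions; the cmdlets and property names are the module’s own.

```powershell
# Added example, not from the original post.
Import-Module DnsServer

function Test-DnsCacheRoundTrip {
    <# Clear the cache, look a name up via this server, return what got cached. (Assumed name.) #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Name,          # e.g. www.theregister.co.uk
        [string]$ComputerName = $env:COMPUTERNAME     # assumption: local server
    )

    # Flushes every cached answer; -Force skips the confirmation prompt.
    Clear-DnsServerCache -ComputerName $ComputerName -Force

    # Ask the server under test directly. A plain ping would use the client's own
    # configured resolver, which may not be this server at all.
    Resolve-DnsName -Name $Name -Type A -Server $ComputerName -DnsOnly -ErrorAction Stop | Out-Null

    # Whatever the server now holds for that name (the A record and/or a CNAME).
    # TrimEnd('.') copes with cache entries shown with or without the trailing dot.
    Show-DnsServerCache -ComputerName $ComputerName |
        Where-Object { $_.HostName.TrimEnd('.') -eq $Name.TrimEnd('.') } |
        Select-Object HostName, RecordType, TimeToLive, RecordData
}

function Test-DnsCacheHardening {
    <# Report the cache settings that matter against poisoning. (Assumed name.) #>
    [CmdletBinding()]
    param([string]$ComputerName = $env:COMPUTERNAME)

    $cache = Get-DnsServerCache -ComputerName $ComputerName
    [pscustomobject]@{
        # 100 means a cached record cannot be overwritten until its TTL has fully
        # expired, so an attacker cannot race a fresh bogus answer in; lower is weaker.
        LockingPercent            = $cache.LockingPercent
        LockingOk                 = $cache.LockingPercent -ge 100
        # Discards records in a response for names the responding server is not authoritative for.
        EnablePollutionProtection = $cache.EnablePollutionProtection
        MaxTtl                    = $cache.MaxTtl
        MaxNegativeTtl            = $cache.MaxNegativeTtl
    }
}

Test-DnsCacheRoundTrip -Name 'www.theregister.co.uk' | Format-Table -AutoSize
Test-DnsCacheHardening

# To put the two protections back to their strong values if the report shows otherwise:
# Set-DnsServerCache -ComputerName $env:COMPUTERNAME -LockingPercent 100 -PollutionProtection $true
```

If the round trip returns nothing, check Test-DnsServer -IPAddress against the server first and make sure recursion is not disabled on it, because a non-recursive server never caches what it did not look up.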
What if we want to add a new primary zone? Well, there is a cmdlet for that as well, and for the other zone types, secondary and stub! Managing this DNS server is actually easy, right??
Of course, feel free to do a Get-Help on Add-DnsServerPrimaryZone, but it is quite simple really. As you will notice there is the replication scope of the zone; I chose Domain here, but you can have the other scopes like Forest if you want!
Add-DnsServerPrimaryZone -Name "grumpy.co.uk" -ReplicationScope Domain
and to remove the zone, all we need to do is
Remove-DnsServerZone -Name "grumpy.co.uk"
and once again let’s check our work with Get-DnsServerZone. Simple, done.
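Creating and removing a zone as an added example (mine, not from the post): the zone is created AD-integrated with the replication scope used above, set at creation time to accept only secure dynamic updates, and then locked down so it can be transferred only to the secondaries you name, or to nobody at all if you name none. The function name and its parameters are assumptions; the cmdlets and the values passed to them are the module’s own.

```powershell
# Added example, not from the original post.
Import-Module DnsServer

function New-HardenedPrimaryZone {
    <#
    .SYNOPSIS
    Creates (or reuses) an AD-integrated primary zone that only accepts secure
    dynamic updates and only transfers to the listed secondaries. (Assumed name.)
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Name,
        [ValidateSet('Domain', 'Forest')][string]$ReplicationScope = 'Domain',
        [ipaddress[]]$AllowTransferTo = @(),          # secondaries allowed to AXFR; empty = no transfers
        [string]$ComputerName = $env:COMPUTERNAME     # assumption: local server
    )

    # Get-DnsServerZone throws if the zone is missing; treat that as "create it".
    $zone = Get-DnsServerZone -ComputerName $ComputerName -Name $Name -ErrorAction SilentlyContinue
    if ($zone) {
        Write-Verbose "Zone $Name already exists, applying settings only"
    }
    else {
        # An AD-integrated zone is what makes -DynamicUpdate Secure possible:
        # updates must then come over a Kerberos-authenticated channel.
        Add-DnsServerPrimaryZone -ComputerName $ComputerName -Name $Name `
            -ReplicationScope $ReplicationScope -DynamicUpdate Secure
    }

    if ($AllowTransferTo.Count -gt 0) {
        # Only the named servers may pull the zone, and they get change notifications.
        Set-DnsServerPrimaryZone -ComputerName $ComputerName -Name $Name `
            -SecureSecondaries TransferToSecureServers -SecondaryServers $AllowTransferTo `
            -Notify NotifyServers -NotifyServers $AllowTransferTo
    }
    else {
        # No secondaries: nobody gets to dump the zone.
        Set-DnsServerPrimaryZone -ComputerName $ComputerName -Name $Name `
            -SecureSecondaries NoTransfer -Notify NoNotify
    }

    # Hand back the zone object so the caller can check DynamicUpdate and SecureSecondaries.
    Get-DnsServerZone -ComputerName $ComputerName -Name $Name
}

New-HardenedPrimaryZone -Name 'grumpy.co.uk' -ReplicationScope Domain -Verbose |
    Select-Object ZoneName, IsDsIntegrated, DynamicUpdate, SecureSecondaries

# When the zone is no longer wanted (as with the record cmdlets, -Force skips the prompt):
# Remove-DnsServerZone -ComputerName $env:COMPUTERNAME -Name 'grumpy.co.uk' -Force
```

Pass -AllowTransferTo 10.0.0.5, 10.0.0.6 (your real secondaries) when the zone does need to replicate outside AD; with AD-integrated replication alone, NoTransfer is usually the right answer.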
What if we want to do a functional test on our DNS server? Well, we can use Test-DnsServer, pointing it at the server’s address (add -ZoneName to check that a particular zone is being served as well):
Test-DnsServer -IPAddress 10.0.0.4
Easy as that really. There are quite a few other things you can do and configure; for example, you can start the DNS server scavenging process manually by using
In summary, managing a DNS server from PowerShell is actually easy when you know what you want to do. There are more complicated tasks you can achieve too, like DNSSEC and zone signing, or setting diagnostic logging for TCP/UDP and other things. Have a play!!!
And as this is all done via PowerShell, what is stopping you from using Server Core for your DNS server??? Hazzy says, while looking at his boss!