Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Windows Server 2003 DNS - how to update multiple DNS 'A' Records

Posted on 2006-05-22
10
Medium Priority
?
251 Views
Last Modified: 2010-03-18
We've just changed ISP's and as a result our block of IP addresses has changed.  How do I change 'A' records for 100+ forward lookup zones all at once?  (for example, we have 100+ flz's for 100 different domain names pointing to 192.168.x.100, and wish to change them all to 192.168.z.100).  Can this be done with a search and replace type function?
0
Comment
Question by:strategy9
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16738765
Hi strategy9,

if you delete one record, see how long it takes to repopulate automatically with a new one, are you running DHCP?
0
 

Author Comment

by:strategy9
ID: 16738800
i don't want to delete them.  We're hosting 100 domains (websites) and run our own "external" dns server to handle their name resolution.  I just want to change the current IP address from old to new, and do it for all domains at the same time.  For example, I have 100 domain names pointing to IP address 1.2.3.4, and want to update IP address 1.2.3.4 to 5.6.7.8.  I can do it manually one at a time, but their must be a quick "search and replace" option????
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16738808
ah sorry i thought you were talking internal

never heard of a find and replace feature, that isnt to say there isnt one though, i just havent seen it
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 5

Accepted Solution

by:
centrepc earned 1000 total points
ID: 16739086
All 100 domains should be pointing to one host name not an ip address.  Then if the ip address changes all you have to do is change the ip address of one host not edit 100 domains.  

masterhost= 5.6.7.8

domain1 = masterhost
domain2 = masterhost
domain3 = masterhost
domain100 = masterhost
whenever you change masterhost ip all 100 domains would change.

The above won't do you much good now but you can still use a mass txt editor to edit the all of the files.  I will post a link to the one I use shortly.  Make sure you make backups before using the editor.  

 

0
 

Author Comment

by:strategy9
ID: 16739135
Does this method require the use of CNAME records instead of A records?  If so, I can see how this method would have helped us if we had set it up previously.  I'm interested in the text editing of files - from my reading, I thought all DNS entries were stored in an encrypted file called ntds.dit...

Thanks for the help.
0
 
LVL 5

Expert Comment

by:centrepc
ID: 16739166
I have never messed with dns on a 2003 server.  On a 2000 server the file is just whateverdomain.dns  kept in the system32\dns folder and you can just use notepad to edit the files.

Maybe someone knows for sure if it has changed in 2003 and if infact they did encrypt the files.  

www.massfileeditor.com is the link to what I use.  

You may just have to take the time fix each one but as long as it is done properly this time you won't have to change all 100 again.....  in the future
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16739176
2003 DNS is pretty much the same as 2000

you may have a time consuming project ahead but i think its worthwhile    - just get your junior to do it!
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 1000 total points
ID: 16740322
Couple of things here so I'll pull this into a consolidated list. Don't want the points so its just for info........

1. CentrePC is spot on. There should be no duplicated entries in the dns. If there are, you will be in exactly the position you report. It is never too late to put something like this right as you may need to go through the exercise again in the future. Just use referers
2. AD-Integrated DNS is held in registry but for the purpose of replication to other DC's that are participating in the DNS environment. There is still a .dns file and you would edit the one that is on the first server that was created unless you have moved the domain naming master fsmo role. Standard primary/secondary dns does not use the registry.
3. No, it does not use cnames. Cnames are to allow you to have alternative FQDN's for the same IP address. Nameservers for a domain to do not have to belong to that domain.

for example,  ns.dns1.net could be the primary name server for
xxx.com
yyy.com
zzz.com  etc

4. If you edit the changes manually, do ONE first but remember to increment the serial number so that it replicates to the secondary.
5. Be extremely careful if you do manually edit the files and personally I would recommend against it. If you do have secondary DNS servers and I cannot imagine for a second you wouldn't, you will need to change their entries as well unless you have them set to accept updates from all servers. Normally you would have set the secondaries to only receive updates from servers on the name-server list.

I administrate quite a few external DNS domains (although not as many as you) and I have a Unix system holding the masters. This then updates the Windows secondaries. The benefit is that I CAN just edit the source file.

6. If you are controlling it (and dependant on the firewall you have), you may need to amend your ACL's. DNS updates operate on tcp port 53 rather then UDP port 53 which is used for resolving. If you are changing the IP address and any of your secondaries are external to you then these may fail.

just my few pennies worth.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question