Windows Server 2003 DNS - how to update multiple DNS 'A' Records

We've just changed ISPs and as a result our block of IP addresses has changed.  How do I change 'A' records for 100+ forward lookup zones all at once?  (For example, we have 100+ FLZs for 100 different domain names pointing to 192.168.x.100, and wish to change them all to 192.168.z.100.)  Can this be done with a search and replace type function?
All 100 domains should be pointing to one host name, not an IP address.  Then if the IP address changes, all you have to do is change the IP address of one host, not edit 100 domains.


domain1 = masterhost
domain2 = masterhost
domain3 = masterhost
domain100 = masterhost
Whenever you change masterhost's IP, all 100 domains would change.

The above won't do you much good now, but you can still use a mass text editor to edit all of the files.  I will post a link to the one I use shortly.  Make sure you make backups before using the editor.


Hi strategy9,

If you delete one record, see how long it takes to repopulate automatically with a new one. Are you running DHCP?
strategy9 (Author) commented:
I don't want to delete them.  We're hosting 100 domains (websites) and run our own "external" DNS server to handle their name resolution.  I just want to change the current IP address from old to new, and do it for all domains at the same time.  For example, I have 100 domain names pointing to IP address, and want to update IP address to  I can do it manually one at a time, but there must be a quick "search and replace" option?
Ah, sorry, I thought you were talking internal.

Never heard of a find and replace feature. That isn't to say there isn't one though, I just haven't seen it.
strategy9 (Author) commented:
Does this method require the use of CNAME records instead of A records?  If so, I can see how this method would have helped us if we had set it up previously.  I'm interested in the text editing of files - from my reading, I thought all DNS entries were stored in an encrypted file called ntds.dit...

Thanks for the help.
I have never messed with DNS on a 2003 server.  On a 2000 server the file is just whateverdomain.dns, kept in the system32\dns folder, and you can just use Notepad to edit the files.

Maybe someone knows for sure if it has changed in 2003 and if in fact they did encrypt the files. is the link to what I use.  

You may just have to take the time to fix each one, but as long as it is done properly this time you won't have to change all 100 again in the future.
2003 DNS is pretty much the same as 2000.

You may have a time-consuming project ahead, but I think it's worthwhile - just get your junior to do it!
Keith Alabaster (Enterprise Architect) commented:
Couple of things here so I'll pull this into a consolidated list. Don't want the points so it's just for info.

1. CentrePC is spot on. There should be no duplicated entries in the dns. If there are, you will be in exactly the position you report. It is never too late to put something like this right as you may need to go through the exercise again in the future. Just use referers
2. AD-Integrated DNS is held in registry but for the purpose of replication to other DCs that are participating in the DNS environment. There is still a .dns file and you would edit the one that is on the first server that was created unless you have moved the domain naming master FSMO role. Standard primary/secondary DNS does not use the registry.
3. No, it does not use CNAMEs. CNAMEs are to allow you to have alternative FQDNs for the same IP address. Nameservers for a domain do not have to belong to that domain.

for example, could be the primary name server for  etc

4. If you edit the changes manually, do ONE first but remember to increment the serial number so that it replicates to the secondary.
5. Be extremely careful if you do manually edit the files and personally I would recommend against it. If you do have secondary DNS servers and I cannot imagine for a second you wouldn't, you will need to change their entries as well unless you have them set to accept updates from all servers. Normally you would have set the secondaries to only receive updates from servers on the name-server list.

I administrate quite a few external DNS domains (although not as many as you) and I have a Unix system holding the masters. This then updates the Windows secondaries. The benefit is that I CAN just edit the source file.

6. If you are controlling it (and dependent on the firewall you have), you may need to amend your ACLs. DNS updates operate on TCP port 53 rather than UDP port 53, which is used for resolving. If you are changing the IP address and any of your secondaries are external to you then these may fail.

just my few pennies worth.
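
The bulk edit discussed in this thread (swap the old address in every zone file, keep a backup, increment the SOA serial so secondaries pick up the change), as an added example that is not part of any post above. It assumes file-backed zones stored as text with a parenthesised SOA record; the sample zone, host names and RFC 5737 addresses are constructed.

```python
import re
import shutil

# "[name] [ttl] [IN] A <ipv4> [; comment]" on one line; AAAA/TXT/NS never match.
A_RECORD = re.compile(
    r"^(?P<head>\S*[ \t]+(?:(?:\d+|IN)[ \t]+)*A[ \t]+)"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?P<tail>[ \t\r]*(?:;.*)?)$",
    re.IGNORECASE | re.MULTILINE)
# First number after "SOA ... (" is the zone serial.
SOA_SERIAL = re.compile(r"(\bSOA\b[^()\n]*\(\s*)(\d+)", re.IGNORECASE)

# Constructed sample zone (RFC 5737 documentation addresses), not from the thread.
SAMPLE_ZONE = """\
@   IN  SOA ns1.example.test. hostmaster.example.test. (
        12      ; serial number
        900 600 86400 3600 )
@       NS  ns1.example.test.
@       A   192.0.2.100
www     A   192.0.2.100
mail    A   192.0.2.25
note    TXT "moved from 192.0.2.100"
"""

def rewrite_zone(text, old_ip, new_ip):
    """Return (new_text, changed); bump the SOA serial only if records changed."""
    changed = 0
    def swap(m):
        nonlocal changed
        if m.group("ip") != old_ip:
            return m.group(0)
        changed += 1
        return m.group("head") + new_ip + m.group("tail")
    text = A_RECORD.sub(swap, text)
    if changed:
        text, hits = SOA_SERIAL.subn(
            lambda m: m.group(1) + str(int(m.group(2)) + 1), text, count=1)
        if hits != 1:
            raise ValueError("A records changed but no SOA serial was found")
    return text, changed

def update_zone_file(path, old_ip, new_ip):
    """Rewrite one zone file in place after saving a .bak copy beside it."""
    with open(path, newline="") as fh:      # newline="" keeps CRLF intact
        original = fh.read()
    updated, changed = rewrite_zone(original, old_ip, new_ip)
    if changed:
        shutil.copy2(path, str(path) + ".bak")
        with open(path, "w", newline="") as fh:
            fh.write(updated)
    return changed
```

Matching whole A records rather than doing a blind text replace leaves other data that happens to contain the old address (the TXT record in the sample) untouched, and a zone with nothing to change keeps its serial.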