Advanced DNS Security - Modify A Record ACL via a Script
Posted on 2008-10-06
I performed a restore of an AD integrated Primary Zone in DNS, but it didn't restore the security properties for the records (this isn't possible with the type of backup we have). All A records now have the default permissions for the Zone. I want to add the HOSTNAME$ to the ACL for each A record in the Zone by writing a script. I need to make sure computers and servers are able to modify their own A records. My scripting skills are advanced; however, I can't find any WMI property or API that modifies the ACL for individual DNS records. Does anyone know of a command line tool or other method to modify the security for a DNS record other than doing it manually through the DNS MMC? I don't want to modify the permissions on the Zone, only individual records in the Zone.