Solved

DNS Forward/Reverse Lookup Zone Compare Report

Posted on 2014-01-07
Last Modified: 2014-01-14
DNS Gurus:

Is there a tool, application, or script someone could recommend that would generate a report from my Windows 2008 - DNS Server and compare the DNS Forward and Reverse Lookup zones?  I know I can do this manually by going through each DNS record or running an NSLookup on each forward/reverse record, but that could be a rather timely exercise.  I am planning on enabling scavenging in the next week; however, I am also noticing that there are static reverse records that don't match the forward look-up records.  Any thoughts or suggestions would be greatly appreciated.
Question by:rmessing171

Expert Comment

by:Mahesh
ID: 39762820
I don't think there is, and I haven't seen, any application that will do that for you.

The most you can do is export the forward lookup zone and reverse lookup zone contents through the GUI or the dnscmd command line, import both into an Excel sheet with some modifications, and then try to compare them with VLOOKUP. Again, I guess you need to do a lot of hard work to do that, and the result may still not be as expected.

I suggest you enable scavenging on the DNS server, as it will not affect static records.
DNS scavenging only works with resource records that are updated dynamically.
Once you set scavenging properly, DNS will start cleaning up stale resource records and then you can get rid of those static records in the reverse zone.
Important note: Just cross-check that the time stamps of all SRV records for all your Domain Controllers are updating properly within the scavenging time interval under the domain DNS zone and _msdcs.domain.com prior to deploying scavenging, because if their time stamps are not updating properly they may get counted as stale by the scavenging process and will be removed...
Check the thread below, which might help you to set scavenging.
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_28306544.html

Hope that helps

Mahesh

Accepted Solution

by: Leon Fester (earned 500 total points)
ID: 39767478
I've also not seen any tools for this.
In the past I've also used Excel...but it's not that big a task as you'd imagine.

To export a zone you can use the dnscmd tool.
dnscmd /zoneexport
- Creates a text file that lists the resource records of a specified zone.
http://technet.microsoft.com/en-us/library/cc772069.aspx

"however I am also noticing that there are static reverse records that don't match the forward look-up records"
The most likely cause is that the DNS records were created manually and then only the A Host record was updated again.

Just remember to always backup your DNS zones before doing any work, in case you need to restore it. For dynamic records, you shouldn't have any issues since they will be updated by the computers/DNS servers themselves.

Depending on how many records you have, it would be easiest to use the exported zone file to construct a few statements using the DNSCMD command to batch-script the creation of your static records.

dnscmd /recordadd
 
dnscmd /recorddelete

See discussion and solution from other forum:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/550f4738-6805-47ca-b0a2-ce0a55c35c26/using-dnscmd-to-bulk-create-ptr-records?forum=winserverDS
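
The export-and-compare approach described in the answers above can be scripted instead of done by hand in Excel. The following is an added example, not code from the thread: it parses two exported zone files and reports forward A records with no PTR, PTR records with no matching A record, and PTRs that point at a different name. It assumes the files written by dnscmd /zoneexport are standard zone-file text with relative owner names and optional [AGE:n] and TTL fields, and that the zones are IPv4; the zone names and records shown are constructed.

```python
import ipaddress
import re

def parse_zone(text, origin):
    """Yield (owner_fqdn, type, rdata) for A and PTR records in zone-file text."""
    origin, owner = origin.rstrip(".").lower(), None
    fqdn = lambda n: origin if n == "@" else (
        n.rstrip(".") if n.endswith(".") else f"{n}.{origin}").lower()
    for raw in text.splitlines():
        line = re.sub(r"\[[^\]]*\]", " ", raw.split(";", 1)[0])  # drop comments, [AGE:n]
        tokens = line.split()
        if tokens and not line[0].isspace():  # indented line keeps the previous owner
            owner = tokens.pop(0)
        while tokens and (tokens[0].isdigit() or tokens[0].upper() == "IN"):
            tokens.pop(0)                     # optional TTL and class
        if owner and len(tokens) >= 2 and tokens[0].upper() in ("A", "PTR"):
            rtype, rdata = tokens[0].upper(), tokens[1]
            yield fqdn(owner), rtype, fqdn(rdata) if rtype == "PTR" else rdata

def compare_zones(fwd_text, fwd_origin, rev_text, rev_origin):
    """Report A/PTR disagreements for IPv4 addresses covered by the reverse zone."""
    rev_origin, a, ptr = rev_origin.rstrip(".").lower(), {}, {}
    for name, rtype, data in parse_zone(fwd_text, fwd_origin):
        if rtype == "A" and ipaddress.ip_address(data).reverse_pointer.endswith("." + rev_origin):
            a.setdefault(data, set()).add(name)
    for name, rtype, data in parse_zone(rev_text, rev_origin):
        if rtype == "PTR":
            ip = ".".join(reversed(name.split(".")[:-2]))  # drop in-addr.arpa, flip octets
            ptr.setdefault(ip, set()).add(data)
    return {
        "missing_ptr": sorted((ip, sorted(a[ip])) for ip in a.keys() - ptr.keys()),
        "orphan_ptr": sorted((ip, sorted(ptr[ip])) for ip in ptr.keys() - a.keys()),
        "mismatch": sorted((ip, sorted(a[ip]), sorted(ptr[ip]))
                           for ip in a.keys() & ptr.keys() if ptr[ip] - a[ip]),
    }

# Constructed sample exports (not from the thread); example.test is a placeholder.
FORWARD = """\
@   IN  SOA dc1.example.test. hostmaster.example.test. (
                42 900 600 86400 3600 ) ; serial, refresh, retry, expire, TTL
web1                    A    192.168.1.10
pc7  [AGE:3612345] 1200 A    192.168.1.20
files                   A    192.168.1.30
"""
REVERSE = """\
10                      PTR  oldweb.example.test.
20   [AGE:3612345] 1200 PTR  pc7.example.test.
40                      PTR  retired.example.test.
"""
print(compare_zones(FORWARD, "example.test", REVERSE, "1.168.192.in-addr.arpa"))
```

Records that carry an [AGE:n] field are dynamic and subject to scavenging; the static ones without it are the entries that have to be corrected by hand or with the dnscmd /recordadd and /recorddelete statements mentioned above.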