Solved

Using PowerShell to list / export which DNS (A) records do not have the associated PTR record?

Posted on 2015-01-26
Last Modified: 2015-02-12
People,

Can anyone here please assist me with a PowerShell script to list which (A) records in my DNS server do not have their (PTR) record?

And also, how do I automatically re-create the PTR records if the reverse lookup zones have been created in the AD-integrated DNS servers?

Thanks.
0
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 1336 total points
ID: 40572527
I have half an answer:
Once you create a reverse lookup zone on the DNS server, with the next DNS refresh \ reboot, clients will automatically get added into the appropriate reverse lookup zones

If you are using DHCP on a domain controller, enable the "always update host and PTR records" setting in DHCP scope advanced \ DNS properties; also set credentials in DHCP scope properties \ general tab
http://blogs.technet.com/b/stdqry/archive/2012/04/03/dhcp-server-in-dcs-and-dns-registrations.aspx
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40572724
OK Mahesh, so yes, I have created the reverse lookup zones.

But how do I configure all of the production Windows Servers to register their DNS entries automatically without going to each and every server's network settings and selecting the checkbox to register in the reverse lookup zone?
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 1336 total points
ID: 40572951
You can use the PsExec tool from Microsoft

List all of your servers in a .txt file

Ex:
Server1
Server2
Server3

Log on to the DC with a domain admin account
Then use the PsExec command from an elevated command prompt

Psexec @C:\Servers.txt ipconfig /registerdns

OR

Psexec @C:\Servers.txt ipconfig /registerdns > C:\output.txt

The tool will traverse through all servers in the list one by one and then execute the command on all servers one by one
All servers will register their records within their respective reverse lookup zones
The same thing can be applied to a list of client computers as well

Note that to execute the tool, the file and print sharing exception must be enabled in Windows Firewall on all machines

The PsExec tool can be downloaded from the below location
https://technet.microsoft.com/en-in/sysinternals/bb897553.aspx
Extract it from the zip file
0

 
LVL 41

Assisted Solution

by:footech
footech earned 664 total points
ID: 40573185
If machines are set with a static IP, then that machine will register its own PTR record.  If a machine is set to get its IP through DHCP, then the DHCP server will register the record.  There's no specific setting in regard to PTR records (excepting Group Policy).
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40574024
Ah I see,
because I'm in a new environment and I have noticed that several hundred of the servers' DNS entries are set as "static", with no TimeStamp in the DNS console, so I guess someone manually registered the entries here in DNS without letting them register by themselves.

Can executing the command ipconfig /registerdns potentially cause some outage to the server network communication?
0
 
LVL 41

Assisted Solution

by:footech
footech earned 664 total points
ID: 40574333
Yes, I would say someone created the records manually.

No, running ipconfig /registerdns will not cause an outage of any kind.  It may not update a record though.  Depends on what kind of security is already on the record.  Deleting the record and then running the ipconfig command would allow the machine to register its record (assuming dynamic updates are allowed).
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 1336 total points
ID: 40574522
I hope your forward and reverse lookup zones are set for dynamic updates only.
Running ipconfig /registerdns will force DNS to refresh DNS entries and add that record in the forward and reverse lookup zones for the corresponding IP address and hostname, unless there is an issue.
If you have created any record manually, it will not get updated with this command.
The command will update the associated Host (A) record and PTR record.
After completion of the command via PsExec, force AD replication and do not forget to run the below two commands on the DNS servers from an elevated command prompt:
ipconfig /flushdns
dnscmd /clearcache
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40575204
OK, may I know what the command is for forcing AD replication?

Should I do it from the primary DNS, or does the role not really matter?
0
 
LVL 37

Accepted Solution

by:Mahesh
Mahesh earned 1336 total points
ID: 40575473
Run repadmin /syncall on all domain controllers

Another way to do that:
Psexec @C:\dclist.txt repadmin /syncall

Replace dclist.txt with a txt file containing the list of domain controllers
0
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 40607323
Thanks guys !
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 40607324
OK, if I run the command:

Psexec @C:\dclist.txt repadmin /syncall

what are the effects on the users or Exchange email flow? Would there be any issue for the users when I execute that command during working hours?
0
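The report the question asks for, which can also be re-run after the ipconfig /registerdns pass to see which A records still lack a PTR. This is an added example and not code from any poster in this thread; it assumes the DnsServer PowerShell module (RSAT DNS Server Tools) is installed, and the server name and output path are placeholders.

```powershell
# Added example: lists A records whose address has no PTR record on the DNS server.
# $DnsServer and $OutFile are placeholder values, not taken from the thread.
Import-Module DnsServer
$DnsServer = 'dc01.example.local'
$OutFile   = 'C:\Temp\A-without-PTR.csv'

# Skip auto-created zones (0/127/255.in-addr.arpa), stubs and conditional forwarders
$zones = Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { -not $_.IsAutoCreated -and $_.ZoneType -in 'Primary', 'Secondary' }
$revZones = $zones | Where-Object { $_.IsReverseLookupZone -and $_.ZoneName -like '*.in-addr.arpa' }
$fwdZones = $zones | Where-Object { -not $_.IsReverseLookupZone -and $_.ZoneName -ne 'TrustAnchors' }

# Owner names of every existing PTR record, e.g. 10.1.168.192.in-addr.arpa
$ptrNames = New-Object 'System.Collections.Generic.HashSet[string]'
foreach ($z in $revZones) {
    Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $z.ZoneName -RRType Ptr |
        ForEach-Object { [void]$ptrNames.Add("$($_.HostName).$($z.ZoneName)".ToLower()) }
}

$report = foreach ($z in $fwdZones) {
    foreach ($a in Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $z.ZoneName -RRType A) {
        $ip     = $a.RecordData.IPv4Address.ToString()
        $octets = $ip.Split('.')
        [array]::Reverse($octets)
        $revName = (($octets -join '.') + '.in-addr.arpa').ToLower()
        if ($ptrNames.Contains($revName)) { continue }   # PTR exists, nothing to report

        $fqdn = if ($a.HostName -eq '@') { $z.ZoneName } else { "$($a.HostName).$($z.ZoneName)" }
        [pscustomobject]@{
            HostName       = $fqdn
            IPAddress      = $ip
            ExpectedPtr    = $revName
            # No timestamp means the record was created statically (by hand)
            Static         = ($null -eq $a.Timestamp)
            # False means no reverse lookup zone on this server covers the address
            HasReverseZone = [bool]($revZones | Where-Object { $revName.EndsWith(".$($_.ZoneName)".ToLower()) })
        }
    }
}

$report | Sort-Object HostName | Export-Csv -Path $OutFile -NoTypeInformation
$report | Format-Table -AutoSize
```

Rows with Static = True are the manually created records that, per the replies above, ipconfig /registerdns will not update. Rows with HasReverseZone = False need a reverse lookup zone created before any PTR can be registered.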


Question has a verified solution.
