Solved

Using PowerShell to list / export which DNS (A) records do not have the associated PTR record?

Posted on 2015-01-26
Last Modified: 2015-02-12
People,

Can anyone here please assist me with the PowerShell script to list which (A) records in my DNS server do not have their (PTR) record?

And also, how do I automatically re-create the PTR records if the reverse lookup zones have been created in the AD-integrated DNS servers?

Thanks.
0
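One way to produce the list the question asks for, as an added example that is not part of the original thread or any participant's code. It assumes the DnsServer module (RSAT DNS tools, Windows Server 2012 or later), IPv4 reverse zones only, and a placeholder server name `dc01.example.local`; the output path is also a placeholder.

```powershell
# Added example: list A records whose IPv4 address has no PTR record.
# 'dc01.example.local' and the CSV path are placeholders, not values from the thread.
param(
    [string]$DnsServer = 'dc01.example.local',
    [string]$OutFile   = '.\A-without-PTR.csv'
)
Import-Module DnsServer

# 1. Index every IPv4 address that already has a PTR record in a reverse zone.
$ptrIndex = @{}
$reverseZones = Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { $_.IsReverseLookupZone -and -not $_.IsAutoCreated -and
                   $_.ZoneName -like '*.in-addr.arpa' }
foreach ($zone in $reverseZones) {
    Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone.ZoneName -RRType Ptr |
        ForEach-Object {
            # Host "10" in zone "1.168.192.in-addr.arpa" becomes 192.168.1.10
            $fqdn   = "$($_.HostName).$($zone.ZoneName)" -replace '\.in-addr\.arpa$', ''
            $labels = $fqdn.Split('.')
            [array]::Reverse($labels)
            $ptrIndex[($labels -join '.')] = $_.RecordData.PtrDomainName
        }
}

# 2. Walk the primary forward zones and keep A records missing from the index.
$forwardZones = Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { -not $_.IsReverseLookupZone -and $_.ZoneType -eq 'Primary' -and
                   $_.ZoneName -ne 'TrustAnchors' }
$missing = foreach ($zone in $forwardZones) {
    Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone.ZoneName -RRType A |
        ForEach-Object {
            $ip = $_.RecordData.IPv4Address.IPAddressToString
            if (-not $ptrIndex.ContainsKey($ip)) {
                [pscustomobject]@{
                    Zone        = $zone.ZoneName
                    HostName    = $_.HostName
                    IPv4Address = $ip
                    # No timestamp means the record was created statically.
                    Static      = ($null -eq $_.Timestamp)
                }
            }
        }
}

# 3. Export for review before any records are re-registered or created.
$missing | Export-Csv -Path $OutFile -NoTypeInformation
$missing | Sort-Object Zone, HostName | Format-Table -AutoSize
```

The `Static` column separates manually created records from dynamically registered ones, which matters for whether `ipconfig /registerdns` can update them. Missing PTR records can also be created from the DNS server side with `Add-DnsServerResourceRecordPtr` from the same module.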
11 Comments
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 334 total points
ID: 40572527
I have half an answer:
Once you create a reverse lookup zone on the DNS server, with the next DNS refresh \ reboot clients will automatically get added into the appropriate reverse lookup zones.

If you are using DHCP on a domain controller, enable the "always update host and PTR records" setting in DHCP scope advanced \ DNS properties, and also set credentials in DHCP scope properties \ general tab.
http://blogs.technet.com/b/stdqry/archive/2012/04/03/dhcp-server-in-dcs-and-dns-registrations.aspx
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40572724
OK Mahesh, so yes, I have created the reverse lookup zones.

But how do I configure all of the production Windows Servers to register their DNS entries automatically without going to each and every server's network settings and selecting the checkbox to register the reverse lookup zone?
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 334 total points
ID: 40572951
You can use the PsExec tool from Microsoft.

List all of your servers in a .txt file

Ex:
Server1
Server2
Server3

Log on to a DC with a domain admin account.
Then use the PsExec command from an elevated command prompt:

Psexec @C:\Servers.txt ipconfig /registerdns

OR

Psexec @C:\Servers.txt ipconfig /registerdns > C:\output.txt



The tool will traverse through all servers in the list and execute the command on them one by one.
All servers will register their records within their respective reverse lookup zones.
The same thing can be applied to a list of client computers as well.

Note that to execute the tool, the file and print sharing exception must be enabled in Windows Firewall on all machines.

The PsExec tool can be downloaded from the location below:
https://technet.microsoft.com/en-in/sysinternals/bb897553.aspx
Extract it from the zip file.
0
 
LVL 39

Assisted Solution

by:footech
footech earned 166 total points
ID: 40573185
If machines are set with a static IP, then that machine will register its own PTR record.  If a machine is set to get its IP through DHCP, then the DHCP server will register the record.  There's no specific setting in regard to PTR records (excepting Group Policy).
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40574024
Ah I see,
because I'm in a new environment and I have noticed that several hundred of the servers' DNS entries are set as "static", with no timestamp in the DNS console, so I guess someone manually registered the entries here in DNS without letting them register by themselves.

Can executing the command ipconfig /registerdns potentially cause an outage to the server's network communication?
0
 
LVL 39

Assisted Solution

by:footech
footech earned 166 total points
ID: 40574333
Yes, I would say someone created the records manually.

No, running ipconfig /registerdns will not cause an outage of any kind.  It may not update a record though.  Depends on what kind of security is already on the record.  Deleting the record and then running the ipconfig command would allow the machine to register its record (assuming dynamic updates are allowed).
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 334 total points
ID: 40574522
I hope your forward and reverse lookup zones are set for dynamic updates only.
Running ipconfig /registerdns will force DNS to refresh its entries and add the record to the forward and reverse lookup zones for the corresponding IP address and hostname, unless there is an issue.
If you have created any record manually, it will not get updated with this command.
The command will update the associated Host (A) record and PTR record.
After completion of the command via PsExec, force AD replication and do not forget to run the two commands below on the DNS servers from an elevated command prompt:
ipconfig /flushdns
dnscmd /clearcache
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40575204
OK, may I know what the command is for forcing AD replication?

Should I do it from the primary DNS, or does the role not really matter?
0
 
LVL 35

Accepted Solution

by:Mahesh
Mahesh earned 334 total points
ID: 40575473
Run repadmin /syncall on all domain controllers.

Another way to do that:
Psexec @C:\dclist.txt repadmin /syncall

Replace dclist.txt with a .txt file containing the list of domain controllers.
0
 
LVL 7

Author Closing Comment

by:Senior IT System Engineer
ID: 40607323
Thanks guys !
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40607324
OK, if I run the command:

Psexec @C:\dclist.txt repadmin /syncall

what are the effects on the users or Exchange email flow? Would there be any issue for the users if I execute that command during working hours?
0
