Using PowerShell to list / export which DNS (A) records do not have the associated PTR record?

People,

Can anyone here please assist me with a PowerShell script to list which (A) records in my DNS server do not have a (PTR) record?

And also, how do I automatically re-create the PTR records if the reverse lookup zones have been created in the AD-integrated DNS servers?

Thanks.
Asked by: Senior IT System Engineer (IT Professional)
 
Mahesh (Architect) commented:
Run repadmin /syncall on all domain controllers.

Another way to do that:
Psexec @C:\dclist.txt repadmin /syncall

Replace dclist.txt with a text file containing the list of domain controllers.
0
 
Mahesh (Architect) commented:
I have half an answer:
Once you create a reverse lookup zone on the DNS server, with the next DNS refresh \ reboot, clients will automatically get added into the appropriate reverse lookup zones.

If you are using DHCP on a domain controller, enable the "always update host and PTR records" setting in DHCP scope advanced \ DNS properties, and also set credentials in DHCP scope properties \ general tab.
http://blogs.technet.com/b/stdqry/archive/2012/04/03/dhcp-server-in-dcs-and-dns-registrations.aspx
0
 
Senior IT System Engineer (IT Professional, author) commented:
OK Mahesh, so yes, I have created the reverse lookup zones.

But how do I configure all of the production Windows Servers to register their DNS entries automatically without going to each and every server's network settings and selecting the checkbox to register in the reverse lookup zone?
0
 
Mahesh (Architect) commented:
You can use the Psexec tool from Microsoft.

List all of your servers in a .txt file.

Ex:
Server1
Server2
Server3

Log on to the DC with a domain admin account.
Then use the Psexec command from an elevated command prompt:

Psexec @C:\Servers.txt ipconfig /registerdns

OR

Psexec @C:\Servers.txt ipconfig /registerdns > C:\output.txt

The tool will traverse through all servers in the list one by one and then execute the command on all servers one by one.
All servers will register their records within the respective reverse lookup zones.
The same thing can be applied to a list of client computers as well.

Note that to execute the tool, the File and Print Sharing exception must be enabled in Windows Firewall on all machines.

The Psexec tool can be downloaded from the location below:
https://technet.microsoft.com/en-in/sysinternals/bb897553.aspx
Extract it from the zip file.
0
 
footech commented:
If machines are set with a static IP, then that machine will register its own PTR record.  If a machine is set to get its IP through DHCP, then the DHCP server will register the record.  There's no specific setting in regard to PTR records (excepting Group Policy).
0
 
Senior IT System Engineer (IT Professional, author) commented:
Ah I see,
because I'm in a new environment and I have noticed that several hundred of the servers' DNS entries are set as "static", with no timestamp on the DNS console, so I guess someone manually registered the entries here on the DNS without letting them register by themselves.

Can executing the command ipconfig /registerdns potentially cause an outage to the server's network communication?
0
 
footech commented:
Yes, I would say someone created the records manually.

No, running ipconfig /registerdns will not cause an outage of any kind.  It may not update a record though.  Depends on what kind of security is already on the record.  Deleting the record and then running the ipconfig command would allow the machine to register its record (assuming dynamic updates are allowed).
0
 
Mahesh (Architect) commented:
I hope your forward and reverse lookup zones are set for dynamic updates only.
Running ipconfig /registerdns will force DNS to refresh DNS entries and add that record in the forward and reverse lookup zones for the corresponding IP address and hostname, unless there is an issue.
If you have created any record manually, it will not get updated with this command.
The command will update the associated Host (A) record and PTR record.
After completion of the command via Psexec, force AD replication and do not forget to run the two commands below on the DNS servers from an elevated command prompt:
ipconfig /flushdns
dnscmd /clearcache
0
 
Senior IT System Engineer (IT Professional, author) commented:
OK, may I know what the command for forcing AD replication is?

Should I do it from the primary DNS, or does the role not really matter?
0
 
Senior IT System Engineer (IT Professional, author) commented:
Thanks guys!
0
 
Senior IT System Engineer (IT Professional, author) commented:
OK, if I run the command:

Psexec @C:\dclist.txt repadmin /syncall

what are the effects on the users or Exchange email flow? Would there be any issue for the users when I execute that command during working hours?
0
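The script asked for in the original question, as an added example that is not part of the thread and was not posted by any participant: it lists the A records of one forward zone that have no PTR record, notes which are static (no timestamp), exports the result, and with -CreatePtr adds the missing PTRs where a reverse zone exists. It assumes the DnsServer module (RSAT) is available; the server name, zone name and CSV path are placeholders.

```powershell
#Requires -Modules DnsServer
# Added example. The default server and zone names are placeholders.
param(
    [string]$DnsServer   = 'dc01.corp.example',   # placeholder DNS server
    [string]$ForwardZone = 'corp.example',        # placeholder forward zone
    [string]$CsvPath     = '.\A-records-without-PTR.csv',
    [switch]$CreatePtr                            # also create the missing PTRs
)

# IPv4 reverse lookup zones that exist on the server
$reverseZones = (Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { $_.IsReverseLookupZone -and $_.ZoneName -like '*.in-addr.arpa' }).ZoneName

$report = foreach ($a in Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $ForwardZone -RRType A) {
    $fqdn = if ($a.HostName -eq '@') { $ForwardZone } else { "$($a.HostName).$ForwardZone" }
    $octets = $a.RecordData.IPv4Address.ToString().Split('.')
    [array]::Reverse($octets)
    $ptrFqdn = ($octets -join '.') + '.in-addr.arpa'

    # Most specific reverse zone that contains this address, if any
    $zone = $reverseZones | Where-Object { $ptrFqdn -like "*.$_" } |
        Sort-Object Length -Descending | Select-Object -First 1
    $ptr = $null
    if ($zone) {
        $relName = $ptrFqdn.Substring(0, $ptrFqdn.Length - $zone.Length - 1)
        $ptr = Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone `
            -Name $relName -RRType Ptr -ErrorAction SilentlyContinue
    }
    if ($ptr) { continue }    # a PTR exists, nothing to report

    [pscustomobject]@{
        HostName    = $fqdn
        IPAddress   = $a.RecordData.IPv4Address
        Static      = -not $a.Timestamp     # no timestamp = manually created record
        ReverseZone = if ($zone) { $zone } else { '(no reverse zone)' }
        PtrName     = if ($zone) { $relName } else { $null }
    }
}

$report | Export-Csv -Path $CsvPath -NoTypeInformation
$report | Format-Table -AutoSize

if ($CreatePtr) {
    foreach ($r in $report | Where-Object PtrName) {
        Add-DnsServerResourceRecordPtr -ComputerName $DnsServer -ZoneName $r.ReverseZone `
            -Name $r.PtrName -PtrDomainName $r.HostName
    }
}
```

PTR records created this way are static records on the server, so review the CSV before running with -CreatePtr; stale A records will otherwise gain matching stale PTRs.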