Link to home
Start Free TrialLog in
Avatar of Kasper Katzmann
Kasper KatzmannFlag for Denmark

asked on

Determine the reversed dns lookup zone for a given host

I have to make a Powershell script that automaticaly deletes DNS-records for a given host (when server is decomissioned).

Deleting the A-record is no problem, pretty straight forward. But when I try to delete the associated PTR record I run in to a problem: I don't know in advance, what IP-class is used.

Example:
Host = kktest which has the ip 10.55.16.240
If I wan't to delete the PTR record, I need to now the Zonename. If the IP is a class C IP-address, the Zonenam would be 16.55.10.in-addr.arpa.

The problem here is, that I don't know if it's a C class IP or not, so it might as well be that the Zonename is 55.10.in-addr.arpa

So my question is: Is there any way to determine either which class the IP belongs to or which reversed dns lookup zone it belongs to?

This is the script so far: 
$NodeToDelete = "kktest"
$DNSServer = "T-SIT-DC0004.t-prod.t-sitad.dk"
$ZoneName = "t-prod.t-sitad.dk"
$NodeDNS = $null

$NodeDNS =  Get-DnsServerResourceRecord `
               -ZoneName $ZoneName `
               -ComputerName $DNSServer `
               -Node $NodeToDelete `
               -RRType A `
               -ErrorAction SilentlyContinue

$ip                  = $NodeDNS.RecordData.IPv4Address.IPAddressToString
$split               = $ip.Split("\.")
$revZoneName         = $split[2] + "." + $split[1] +"." + $split[0] + ".in-addr.arpa"
$IPAddressFormatted  = ($split[3])

$NodePTRRecord =  Get-DnsServerResourceRecord `
                     -ZoneName $revIP `
                     -ComputerName $DNSServer `
                     -RRType Ptr `
                     -ErrorAction SilentlyContinue |
                   Where {$_.Hostname -eq $IPAddressFormatted}

Remove-DnsServerResourceRecord `
     -ZoneName $revIP `
     -ComputerName $DNSServer `
     -InputObject $NodePTRRecord `
     -Force

Open in new window

Avatar of Douglas Suyemoto
Douglas Suyemoto
Flag of United States of America image
The class is determined by the first octet in the address, so you can try converting the octet to an int and doing a test for its value:

$split               = $ip.Split("\.")
[int]$octet          = [convert]::ToInt32($split[0])
$revZoneName         = ""

if ($octet -le 127)
{
    $revZoneName = $split[0] + ".in-addr.arpa"
}
elseif ($octet -le 191)
{
    $revZoneName = $split[1] +"." + $split[0] + ".in-addr.arpa"
}
elseIf ($octet -le 223)
{
    $revZoneName = $split[2] + "." + $split[1] +"." + $split[0] + ".in-addr.arpa"
}

Open in new window

Avatar of Kasper Katzmann
Kasper Katzmann
Flag of Denmark image

ASKER

Hmmm, for some reason my comment the other day hasn't been posted.

Your suggestion is completely valid, but... My problem is that though it is an A class address (10.55.16.220), the ZoneName might indicate otherwise (16.55.10.in-addr.arpa).

My end goal is to find and delete the correct PTR record for a given host.
ASKER CERTIFIED SOLUTION
Avatar of Douglas Suyemoto
Douglas Suyemoto
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Kasper Katzmann
Kasper Katzmann
Flag of Denmark image

ASKER

Great!
That was exactly what I needed and was the last piece in a big puzzle called "Decomission a Server".