How can I search Domain Integrated DNS Entries

domain-name-system internal-dns domain

Example:

  1. I have a server named server1.domain.local
  2. I have lots of CNAME entries in various forward lookup zones pointed to server1.domain.local
  3. I want to decomission server1, and have a new server, server2, that is going to replace it.

I need to change all of my CNAMEs that point to server1.domain.local to point to server2.domain.local.

I know I can create server1.domain.local as another CNAME, but I would prefer to just find all the entries and change them individually.

How can I go about finding all references in all forward lookup zones to server.domain.local?


The dnscmd utility from the Windows Support Tools is probably your best bet. You can get a list of all the DNS zones with the command: dnscmd [servername] /EnumZones. You can enumerate all the CNAME records in each zone with the command: dnscmd [servername] /EnumRecords [zone name] . /TYPE CNAME.

In theory you could chain these two together in a script, process the output, and make the changes you want automatically (also using dnscmd with the /RecordDelete and /RecordAdd commands). That's an exercise I'll leave to you (for now).

Edit: Okay-- I couldn't resist. Here's that script. It will only echo the commands that actually make changes. If it does what you want then you can pull the echo commands out and let 'er rip.

@echo off

set SERVER_TO_REPLACE=server1.domain.com
set REPLACEMENT_VALUE=server2.domain.com

rem Quick and dirty list of Primary zones that aren't Reverse zones
for /F "usebackq" %%i in (`dnscmd %1 /EnumZones ^| find " Primary" ^| find /v " Rev"`) do call :process_zone %1 %%i
goto end

:process_zone
rem Quick and dirty enumeration of all CNAME records in a zone
for /F "usebackq tokens=1,3,4" %%i in (`dnscmd %1 /EnumRecords %2 . /TYPE CNAME ^| find " CNAME"`) do call :process_RR %1 %2 %%i %%j %%k
goto end

:process_RR
rem Check a record and alter it if necessary
if /I "%5" EQU "%SERVER_TO_REPLACE%" (
  echo dnscmd %1 /RecordDelete %2 %3 %4 %5 /f
  echo dnscmd %1 /RecordAdd %2 %3 %4 %REPLACEMENT_VALUE%
)

:end

One method would be to run nslookup from one of your DNS servers, or a system that is permitted to perform a zone transfer. With nslookup do a ls > file which will request a copy of the zone database and save it to a text file. Then the search feature in your favorite text editor to find things to fix.


Are these AD integrated zones? If not, you can manually edit the zone files with notepad (find and replace) and then reload the zones.

EDIT

My bad. I didn't see in your title that these are AD integrated zones. You can still use the method I posted by changing the zones to non-AD integrated zones, editing the zone files that will be created, then changing them back to AD integrated zones. It's a bit of a hack so this may not be the method you'd prefer to use.

Related

OS X Login Authentication Against Leopard Server
Unable to view sensor data in ESXi 5.x on DL380 G7
How to dedicate a NIC to a VM in Hyper-V
All client browsers repeatedly asking for NTLM authentication when running through local proxy server
Cron jobs running twice - Ubuntu server 12.04
Event Logging for RAID fault in 2008 R2
Exchange 2007 Distribution List with External Addresses
How do I setup O365 to allow IMAP?
WMI queries can't run with a FQDN?
Redirect crontab output to email
systemd instance name (%i) not working in ExecStart
How to get a service to listen on port 80 on Windows Server 2003