Documenting Microsoft DNS with Microsoft PowerShell Version 1.00

July 25, 2016

DNS, PowerShell

After releasing documentation scripts for Microsoft Active Directory and DHCP, I received a lot of requests for a script to document Microsoft DNS. Microsoft makes DNS cmdlets for Windows Server 2012 and higher. I sent out a request for testers and from their requests I added a lot more functionality to my initial script.

I would like to thank my new employer, Choice Solutions, for allowing me to finish this script on company time and also allowing me to start on the XenApp/XenDesktop 7.8+ script and updating the Active Directory script with Text and HTML output.

The script documents almost every nook and cranny of DNS that I can find a way to document using PowerShell. This script can be run remotely if RSAT is installed on the computer running the script. If the DNS server name is entered as localhost or an IP address, the script will attempt to resolve those to the actual server name. This script generates Microsoft Word, PDF, formatted text and HTML output.

The following items are documented:

  • DNS Server Information
  • Forward Lookup Zones
    • GlobalNames
    • Stub Zones
  • Reverse Lookup Zones
    • Stub Zones
  • Trust Points
  • Conditional Forwarders
  • Resource Records
    • A
    • AAAA
    • Afsdb
    • Atma
    • CName
    • DhcId
    • DName
    • DnsKey
    • DS
    • HInfo
    • Isdn
    • Key
    • Mb
    • Mg
    • MInfo
    • Mr
    • Mx
    • Naptr
    • Ns
    • Ptr
    • Rp
    • Rt
    • Soa
    • Srv
    • Txt
    • Wins
    • WinsR
    • Wks
    • X25

I am still working to find a way to document the security tab for any level in the DNS console that had a Security tab. I found a script on the TechNet Gallery but I can’t make sense of the output. For example, the Security tab for one of my resource records lists Pre-Windows 2000 Compatible Access once with the List Contents permission but the script from the TechNet Gallery lists “BUILTIN\Pre-Windows 2000 Compatible Access Allow” 14 times.

There are a few Resource Record types that do not return any detail data:

  • KEY
  • MB
  • MG
  • MINFO
  • MR
  • NAPTR
  • NXT
  • SIG

The Get-DnsServerResourceRecord cmdlet supports more resource record types than I can find a way to create so I don’t know how to handle them in the script.

  • Gpos
  • Loc
  • Md
  • Mf
  • NasP
  • NasPtr
  • NSec
  • NSec3
  • NSec3Param
  • NsNxt
  • RRSig

Please let me know if I missed documenting any DNS feature or if something is not documented properly.

NOTE: All scripts are continually updated. You can always find the most current versions by going to http://carlwebster.com/where-to-get-copies-of-the-documentation-scripts/

Thanks

Webster

About Carl Webster

Webster is a Sr. Solutions Architect for Choice Solutions, LLC and specializes in Citrix, Active Directory and Technical Documentation. Webster has been working with Citrix products for many years starting with Multi-User OS/2 in 1990.

View all posts by Carl Webster

No comments yet.

Leave a Reply