It sounds like what you really want is to move those records to another server. I don't recall if this is AD integrated or not, and if so, what the scope of those records is set to. However, setting up a second server and using zone transfer to that server (for backup purposes) is one way to get all of the records in the zones into text files. You could also use WMI scripts/programs to cull that information or you could realize that if it is AD integrated that data exists elsewhere and that copying it off is not what you want to do. One other method, which is very much a zone transfer is to use the nslookup ls -d zonename command which puts that information to std i/o. Using dnscmd would be able to gather that information as would a backup (either AD based (see above if that's what you need) or server file based.
If not AD-Integrated, you could just copy the zone files :)
Am I missing something you need to do?
Al
On 3/2/06, Bart Van den Wyngaert <[EMAIL PROTECTED]> wrote:
Well I kind of need a DNS query. We used to register our DNS records manually and also remove them. But in case the server is at the end of it's lifecycle, we shut it down for some weeks (in case of migration scenario) and then remove all it's registrations.We're looking into a way that we don't need to power on the server again, but still are able to remove all DNS registrations (server itself, cluster resources, ...). So it would be like a DNS query... But if there is something in AD that we can use as reference... Something like an LDAP query for AD, but then on DNS seems like the best description.Also there is a part that is always related to the server, but there are extensions (ex. cluster resources), that's why I started talking about wildcards...I'll have a look into the dsquery tool you mentioned, as I'm not familiar with that tool.... I'll get back to you.Many thanks,Bart
On 3/1/06, Ulf B. Simon-Weidner <[EMAIL PROTECTED] > wrote:Very true point - as long as you don't need it to be a DNS-Query you can use dsquery or admod to query for the dnsNode-Objects in the container hosting the DNS-Zones (out of my head since none of my test-dcs is currenty running: cn=MicrosoftDNS,cn=system,dc=xxx where xxx is either the domain or the application partition).However keep in mind that those LDAP-Queries are getting expensive when not querying all of them but specific and the wildcard is in front - e.g. querying at *.domain.com is heavy on the server, server01.* would be OK.Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile: http://mvp.support.microsoft.com/profile="">
From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Paessens, Daniel
Sent: Wednesday, March 01, 2006 9:10 PMSubject: RE: [ActiveDir] OT : Query DNS using wildcards?
Hello,Against what are you trying to perform a query. it's possible to perform a query against AD by using a csvde command.When using these command you are able to use some wildcards.Regards,Daniel
From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Bart Van den Wyngaert
Sent: Wednesday, March 01, 2006 15:43
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] OT : Query DNS using wildcards?
Hello Ulf,I agree on the point that it would open up an attack surface, but on the other hand we want to keep our environment clean when a server is at the end of lifecycle.In a lot of cases the server is already powered off some week before we start cleaning the different environments (to be sure there is nothing forgotten). In case of a cluster, you have several hosts registered into DNS and IP's for all the resources. We're looking into a way to retrieve that info without the need to power on the server again...Best regards,Bart
On 3/1/06, Ulf B. Simon-Weidner <[EMAIL PROTECTED] > wrote:Hello Bart,AFAIK DNS is not designed being queried with a wildcard - which would open up a attack surface you definitelly don't want. Closest thing you can do is performing a LS-Command against a DNS-Server ( e.g. with nslookup), however this requires the DNS-Server to allow zone transfers to the machine where you perform the ls-command.Ulf
From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Bart Van den Wyngaert
Sent: Wednesday, March 01, 2006 1:34 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT : Query DNS using wildcards?
Hi all,We're looking at this moment for a way to query DNS using wildcards, but untill now, no luck!Does anybody knows a way to do this?Thanks,Bart
