RE: [ActiveDir] Verifying DNS records of many DC's
David, I forwarded on a zip to you with a scrubbed version. Let me know what you think. If anyone else was seriously looking forward to this let me know and based on the David's results I may or may not post it or put it on the web site. joe - http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Sunday, April 11, 2004 2:26 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Cool. I'll be eagerly waiting. :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Sunday, April 11, 2004 13:06 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's I am actually working on a perl script to do this. I will see if it is to a point that I would be willing to let people see it. The big shortcoming right now is that it won't check GC records very well because MS doesn't have a way (other than reading files on a DC) to check to see what GCs are supposed to be covering what sites. It will also generate an output file that can be read by another script I have that will use nsupdate to purge incorrect records. If I don't respond back on this in the next week and no one else has a better solution, ping me. This will be a busy week as I am going back to work after a week at the summit and another week where I was at DEC. joe - http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Sunday, April 11, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Verify all correct SRV records exist in their correct zones, no stale/duplicate IP's, etc. We had a situation where we wanted to verify each DC's DNS records were correct, but going through manually (or using dnslint.exe over and over) is time consuming, so I was curious if there's an easier way to go about this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of deji Agba Sent: Sunday, April 11, 2004 12:27 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Check them/verify them for what? Check if they exist or if they are good? Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Active Directory www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: David Adner Sent: Sun 4/11/2004 10:16 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Verifying DNS records of many DC's What's the best way of verifying the AD related DNS records for a Domain that has upwards of 100+ DC's? I know dnslint.exe will check records, but is there a way to get it to check the records for so many DC's easily? Or some other tool? Thx List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Verifying DNS records of many DC's
Sounds like a good thing Joe. I'd be interested. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Samstag, 17. April 2004 01:58 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's David, I forwarded on a zip to you with a scrubbed version. Let me know what you think. If anyone else was seriously looking forward to this let me know and based on the David's results I may or may not post it or put it on the web site. joe - http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Sunday, April 11, 2004 2:26 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Cool. I'll be eagerly waiting. :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Sunday, April 11, 2004 13:06 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's I am actually working on a perl script to do this. I will see if it is to a point that I would be willing to let people see it. The big shortcoming right now is that it won't check GC records very well because MS doesn't have a way (other than reading files on a DC) to check to see what GCs are supposed to be covering what sites. It will also generate an output file that can be read by another script I have that will use nsupdate to purge incorrect records. If I don't respond back on this in the next week and no one else has a better solution, ping me. This will be a busy week as I am going back to work after a week at the summit and another week where I was at DEC. joe - http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Sunday, April 11, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Verify all correct SRV records exist in their correct zones, no stale/duplicate IP's, etc. We had a situation where we wanted to verify each DC's DNS records were correct, but going through manually (or using dnslint.exe over and over) is time consuming, so I was curious if there's an easier way to go about this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of deji Agba Sent: Sunday, April 11, 2004 12:27 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Check them/verify them for what? Check if they exist or if they are good? Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Active Directory www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: David Adner Sent: Sun 4/11/2004 10:16 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Verifying DNS records of many DC's What's the best way of verifying the AD related DNS records for a Domain that has upwards of 100+ DC's? I know dnslint.exe will check records, but is there a way to get it to check the records for so many DC's easily? Or some other tool? Thx List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Verifying DNS records of many DC's
FWIW - If your environment has HP OpenView Operations for Windows with the AD SPI, it will check all of these records for you assuming you are monitoring each DC. In addition, it will also determine if that each site is being covered by a GC and notify you if it is not the case. -Aric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Sunday, April 11, 2004 11:26 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Cool. I'll be eagerly waiting. :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Sunday, April 11, 2004 13:06 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's I am actually working on a perl script to do this. I will see if it is to a point that I would be willing to let people see it. The big shortcoming right now is that it won't check GC records very well because MS doesn't have a way (other than reading files on a DC) to check to see what GCs are supposed to be covering what sites. It will also generate an output file that can be read by another script I have that will use nsupdate to purge incorrect records. If I don't respond back on this in the next week and no one else has a better solution, ping me. This will be a busy week as I am going back to work after a week at the summit and another week where I was at DEC. joe - http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Sunday, April 11, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Verify all correct SRV records exist in their correct zones, no stale/duplicate IP's, etc. We had a situation where we wanted to verify each DC's DNS records were correct, but going through manually (or using dnslint.exe over and over) is time consuming, so I was curious if there's an easier way to go about this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of deji Agba Sent: Sunday, April 11, 2004 12:27 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Check them/verify them for what? Check if they exist or if they are good? Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Active Directory www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: David Adner Sent: Sun 4/11/2004 10:16 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Verifying DNS records of many DC's What's the best way of verifying the AD related DNS records for a Domain that has upwards of 100+ DC's? I know dnslint.exe will check records, but is there a way to get it to check the records for so many DC's easily? Or some other tool? Thx List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Verifying DNS records of many DC's
Check them/verify themfor what? Check if they exist or if they are good? Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Active Directorywww.akomolafe.comwww.iyaburo.comDo you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: David AdnerSent: Sun 4/11/2004 10:16 AMTo: [EMAIL PROTECTED]Subject: [ActiveDir] Verifying DNS records of many DC's What's the best way of verifying the AD related DNS records for a Domain that has upwards of 100+ DC's? I know dnslint.exe will check records, but is there a way to get it to check the records for so many DC's easily? Or some other tool? Thx List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Verifying DNS records of many DC's
Verify all correct SRV records exist in their correct zones, no stale/duplicate IP's, etc. We had a situation where we wanted to verify each DC's DNS records were correct, but going through manually (or using dnslint.exe over and over) is time consuming, so I was curious if there's an easier way to go about this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of deji Agba Sent: Sunday, April 11, 2004 12:27 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Check them/verify them for what? Check if they exist or if they are good? Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Active Directory www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: David Adner Sent: Sun 4/11/2004 10:16 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Verifying DNS records of many DC's What's the best way of verifying the AD related DNS records for a Domain that has upwards of 100+ DC's? I know dnslint.exe will check records, but is there a way to get it to check the records for so many DC's easily? Or some other tool? Thx List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Verifying DNS records of many DC's
Hi David, It seems to me the best way to check these would be part of a dcdiag execution. If these DCs are all part of a root/child domain structure, you could run dcdiag /e /v on your FSMO role holder. Enter dcdiag /? for details. Mike Thommes -Original Message- From: David Adner [mailto:[EMAIL PROTECTED] Sent: Sun 4/11/2004 12:50 PM To: [EMAIL PROTECTED] Cc: Subject: RE: [ActiveDir] Verifying DNS records of many DC's Verify all correct SRV records exist in their correct zones, no stale/duplicate IP's, etc. We had a situation where we wanted to verify each DC's DNS records were correct, but going through manually (or using dnslint.exe over and over) is time consuming, so I was curious if there's an easier way to go about this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of deji Agba Sent: Sunday, April 11, 2004 12:27 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Check them/verify them for what? Check if they exist or if they are good? Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Active Directory www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: David Adner Sent: Sun 4/11/2004 10:16 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Verifying DNS records of many DC's What's the best way of verifying the AD related DNS records for a Domain that has upwards of 100+ DC's? I know dnslint.exe will check records, but is there a way to get it to check the records for so many DC's easily? Or some other tool? Thx List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Verifying DNS records of many DC's
I am actually working on a perl script to do this. I will see if it is to a point that I would be willing to let people see it. The big shortcoming right now is that it won't check GC records very well because MS doesn't have a way (other than reading files on a DC) to check to see what GCs are supposed to be covering what sites. It will also generate an output file that can be read by another script I have that will use nsupdate to purge incorrect records. If I don't respond back on this in the next week and no one else has a better solution, ping me. This will be a busy week as I am going back to work after a week at the summit and another week where I was at DEC. joe - http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Sunday, April 11, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Verify all correct SRV records exist in their correct zones, no stale/duplicate IP's, etc. We had a situation where we wanted to verify each DC's DNS records were correct, but going through manually (or using dnslint.exe over and over) is time consuming, so I was curious if there's an easier way to go about this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of deji Agba Sent: Sunday, April 11, 2004 12:27 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Check them/verify them for what? Check if they exist or if they are good? Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Active Directory www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: David Adner Sent: Sun 4/11/2004 10:16 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Verifying DNS records of many DC's What's the best way of verifying the AD related DNS records for a Domain that has upwards of 100+ DC's? I know dnslint.exe will check records, but is there a way to get it to check the records for so many DC's easily? Or some other tool? Thx List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Verifying DNS records of many DC's
Cool. I'll be eagerly waiting. :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Sunday, April 11, 2004 13:06 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's I am actually working on a perl script to do this. I will see if it is to a point that I would be willing to let people see it. The big shortcoming right now is that it won't check GC records very well because MS doesn't have a way (other than reading files on a DC) to check to see what GCs are supposed to be covering what sites. It will also generate an output file that can be read by another script I have that will use nsupdate to purge incorrect records. If I don't respond back on this in the next week and no one else has a better solution, ping me. This will be a busy week as I am going back to work after a week at the summit and another week where I was at DEC. joe - http://www.joeware.net (download joeware) http://www.cafeshops.com/joewarenet (wear joeware) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Sunday, April 11, 2004 1:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Verify all correct SRV records exist in their correct zones, no stale/duplicate IP's, etc. We had a situation where we wanted to verify each DC's DNS records were correct, but going through manually (or using dnslint.exe over and over) is time consuming, so I was curious if there's an easier way to go about this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of deji Agba Sent: Sunday, April 11, 2004 12:27 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Verifying DNS records of many DC's Check them/verify them for what? Check if they exist or if they are good? Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Active Directory www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: David Adner Sent: Sun 4/11/2004 10:16 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Verifying DNS records of many DC's What's the best way of verifying the AD related DNS records for a Domain that has upwards of 100+ DC's? I know dnslint.exe will check records, but is there a way to get it to check the records for so many DC's easily? Or some other tool? Thx List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
