Using the Get-DnsServerResourceRecord cmdlet it's simple to retrieve the records in a domain, and by combining it with Where-Object it's simple to filter by most of the properties of the zone as well. For instance :
Get-DnsServerResourceRecord -ZoneName "mydomain.com" | Where-Object {$_.RecordType -eq "MX"}
will give you all the MX records within the mydomain.com zone. We can equally filter by HostName, DistinguishedName and a few others since they're simple string values.
What happens when we want to query a zone on RecordData? For example, how would we find all the records that point to "192.168.0.1", or MX records that are using "mydomain.com". This data isn't stored as a normal string, so it can't be queried in the same way. Using Get-Member to find the properties of Get-DnsServerResourceRecord you'll find that the RecordData property type is "CimInstance#Instance", not string like others mentioned above.
What this essentially means is that the RecordData property has properties within it, and it's these that we need query. Each type of record has its own individual properties corresponding to the type of data held within it.
Depending on the type of record you're querying there are different property names to use. To find the list use :
$records = Get-DnsServerResourceRecord -ZoneName "mydomain.com"
$records.RecordData | Get-Member
You'll see some have one relevant property, for instance IPv4Address, while others which hold more info have multiple, for instance MailExchange and Preference for MX records.
Note, you'll only see those values that exist within the zone you used above. So if the zone doesn't have an MX record you won't see any MX record details listed.
To query using them you add the property after RecordData, for instance :
Get-DnsServerResourceRecord -ZoneName "mydomain.com" | Where-Object {$_.RecordData.IPv4Address -eq "192.168.0.1"}
or
Get-DnsServerResourceRecord -ZoneName "mydomain.com" | Where-Object {$_.RecordData.MailExchange -match "mydomain.com"}
You see it's fairly straight forward to query these, it's just a question of finding them in the first place. Below is a list of the most common record types, it's not every single one possible but it should cover most situations.
A Record IPv4Address
AAAA Record IPv6Address
MX Record MailExchange, Preference
CNAME Record HostNameAlias
SRV Record DomainName, Port, Priority, Weight
TXT Record DescriptiveText
SOA Record PrimaryServer, ExpireLimit, MinimumTimeToLive,
RefreshInterval, ResponsiblePerson, RetryDelay, Serial Number
NS Record NameServer
PTR Record PtrDomainName
If you require any additional record types simply use Get-Member as listed above on a zone containing the required properties.
References:
http://ninjamonki.blogspot.co.uk/2013/02/powershell-and-dns.html
http://social.technet.microsoft.com/Forums/windowsserver/en-US/6817b151-12f3-42d5-92ae-f4f0a7e99858/querying-getdnsserversourcerecordrecorddata-ciminstanceinstance-data-in-powershell-30
