Mastodon

Tuesday, 27 August 2013

Querying DNS RecordData properties in PowerShell

Using the Get-DnsServerResourceRecord cmdlet it's simple to retrieve the records in a domain, and by combining it with Where-Object it's simple to filter by most of the properties of the zone as well. For instance :

    Get-DnsServerResourceRecord -ZoneName "mydomain.com" | Where-Object {$_.RecordType -eq "MX"}

will give you all the MX records within the mydomain.com zone. We can equally filter by HostName, DistinguishedName and a few others since they're simple string values.

What happens when we want to query a zone on RecordData? For example, how would we find all the records that point to "192.168.0.1", or MX records that are using "mydomain.com". This data isn't stored as a normal string, so it can't be queried in the same way. Using Get-Member to find the properties of Get-DnsServerResourceRecord you'll find that the RecordData property type is "CimInstance#Instance", not string like others mentioned above.

What this essentially means is that the RecordData property has properties within it, and it's these that we need query. Each type of record has its own individual properties corresponding to the type of data held within it.

Depending on the type of record you're querying there are different property names to use. To find the list use :

    $records = Get-DnsServerResourceRecord -ZoneName "mydomain.com"
    $records.RecordData | Get-Member

You'll see some have one relevant property, for instance IPv4Address, while others which hold more info have multiple, for instance MailExchange and Preference for MX records.

Note, you'll only see those values that exist within the zone you used above. So if the zone doesn't have an MX record you won't see any MX record details listed.

To query using them you add the property after RecordData, for instance :

    Get-DnsServerResourceRecord -ZoneName "mydomain.com" | Where-Object {$_.RecordData.IPv4Address -eq "192.168.0.1"}

or

    Get-DnsServerResourceRecord -ZoneName "mydomain.com" | Where-Object {$_.RecordData.MailExchange -match "mydomain.com"}

You see it's fairly straight forward to query these, it's just a question of finding them in the first place. Below is a list of the most common record types, it's not every single one possible but it should cover most situations.

A Record            IPv4Address
AAAA Record      IPv6Address
MX Record          MailExchange, Preference
CNAME Record    HostNameAlias
SRV Record        DomainName, Port, Priority, Weight
TXT Record        DescriptiveText
SOA Record       PrimaryServer, ExpireLimit, MinimumTimeToLive,   
                        RefreshInterval, ResponsiblePerson, RetryDelay, Serial Number
NS Record         NameServer
PTR Record        PtrDomainName

If you require any additional record types simply use Get-Member as listed above on a zone containing the required properties.

References:
http://ninjamonki.blogspot.co.uk/2013/02/powershell-and-dns.html
http://social.technet.microsoft.com/Forums/windowsserver/en-US/6817b151-12f3-42d5-92ae-f4f0a7e99858/querying-getdnsserversourcerecordrecorddata-ciminstanceinstance-data-in-powershell-30
Posted by Keith Langmead at 21:12
Labels: , , , , ,

11 comments:

  1. PS Noob4 October 2013 at 20:45

    So helpful, this was driving me crazy for days!

    ReplyDelete
  2. Curtiss30 July 2015 at 20:18

    Get-DnsServerResourceRecord -ComputerName sever-zonename zone.com -RRType A |select name,recorddata

    how do I get just name and IP address to display, doing something like the command above?

    ReplyDelete
  3. CmdrKeene3 September 2015 at 18:00

    How can I run the DnsServerResourceRecord cmdlet from Windows 7?

    ReplyDelete
  4. Test 3756 August 2016 at 08:28

    Works for Show-DNSServerCache too. This article helped me work that out

    $cache = Show-DnsServerCache
    $cache | Where-Object {$_.RecordData.IPv4Address -like "193.*"}

    ReplyDelete
    Replies
    1. Alessandro Squeo28 September 2016 at 16:05

      Excellent article. It help me big time!
      I wonder if this works for creating or updating a record in DNS
      Add-DnsServerResourceRecord A -IPv4Address 172.16.11.239 -Name SEA-TEST -ZoneName global.contoso.com

      or, do I need to add -RRType A

      Delete
  5. Unknown15 December 2016 at 08:46

    how do you determine what type of DNS record a DNS name is?

    ReplyDelete
  6. eliassal22 January 2017 at 12:32

    HI, very nice and useful thread, thanks. IPv4Address is a string, I would like to sort in ascending order, how this can be done, I tried
    Sort-Object {$_.RecordData.IPv4Address}
    but it doesn²t do it correctly it displays 92.168.1.11 before 16189.2.168.1.2
    Thanks in advance

    ReplyDelete
  7. Nandhini25 July 2017 at 06:57

    The strategy you have posted on this technology helped me to get into the next level and had lot of information in it...Python Training in Chennai

    ReplyDelete
  8. Unknown11 December 2018 at 23:16

    Is there a way to combine record types into one field?
    Get-DnsServerResourceRecord Domain.com -ComputerName stm5dc01 | select hostname, recordType, name, @{Name='ARecordData';Expression={$_.RecordData.IPv4Address}}, @{Name='CNameRecordData';Expression={$_.RecordData.HostnameAlias}} | ft

    As you can see from the above command I have to actually do an expression for each record type the domain may contain to get all the domain zone data.

    ReplyDelete
    Replies
    1. Unknown3 January 2019 at 21:18

      Solution:
      https://github.com/lawson2305/Powershell/blob/master/DNSZoneRecord.ps1

      Delete
  9. Michael West12 February 2019 at 22:03

    Thanks for sharing.

    ReplyDelete

Subscribe to: Post Comments (Atom)