In an earlier post on the site (Microsoft DNS record updates using PowerShell and DNSCMD) I noted how PowerShell cannot natively update records in MS DNS, however we could leverage the DNSCMD command and pass parameters using a simple PowerShell script.
A couple of comments came in regarding the records which are in DNS listed with a name of “same as parent folder” as you see here:
These records are actually the Name Server (NS) records for the zone which are created dynamically as Domain Controllers and DNS servers which are authoritative for the zone come online.
The original script required the CSV file that feeds parameters to the script to use the following format:
The challenge with this formatting is that the “same as parent folder” records don’t map against the fields we are setting in the script. Let’s break down the changes we need to do by working directly with the DNSCMD command and then we can adjust our input file accordingly.
First, let’s look at the typical command to add a single A record which we use in our script. Note that there are lots of other parameters, but I’m showing the minimum set of data we need to create a new record.
DNSCMD <server-name> /RecordAdd <zone-name> <record-name> <record-type> <record-address>
So if we wanted to add a record like: A ftp 192.168.55.3 we would use this command:
DNSCMD DC01.corp.discoposse.com /RecordAdd corp.discoposse.com ftp A 192.168.55.3
Our new records we wish to add have no name though. If we were to try putting (same as parent folder) it would throw an error. Trust me…I tried it just for fun:
While there are limited situations that require adjusting these records manually, there are times that it is needed. So here is the trick to working with these records using our existing PowerShell and CSV files from the previous post.
Adding NS records to your zone
So now that we know what type of records we are adding (NS records) and we know that they reference the current zone as the parent, let’s do a quick check on what DOS and Unix told us about how to reference the current folder. We only need one simple character, period. No I mean literally, a period.
DNSCMD DC01.corp.discoposse.com /RecordAdd corp.discoposse.com . NS otherserver.corp.discoposse.com
And this will be the result:
It is just that east, right?
But wait, there’s a problem
The issue we have now is that our original script runs through our CSV file to first delete the records, and then re-create them. The problem is that the PowerShell command built inside the script for the removal will create and run the following command:
DNSCMD DC01.corp.discoposse.com /RecordDelete corp.discoposse.com . NS /f
By running this command we would blindly delete any NS record because the other record types didn’t require the address details to be included in the delete. So now that we have a specific NS record to delete, we need to know the DNSCMD syntax:
DNSCMD DC01.corp.discoposse.com /RecordDelete corp.discoposse.com . NS otherserver.corp.discoposse.com /f
Note the addition of the server name which ensures we are only deleting the specific record from the CSV file. So we run this command and we achieve exactly what we want:
Now let’s update the script to account for the potential records which have a period as the record name. The original section which creates the delete command is as follows:
$cmdDelete = “dnscmd $DNSServer /RecordDelete $DNSZone $recordName $recordType /f”
Before we craft together the $cmdDelete we just have to query the $recordName to ensure it isn’t a our dotted reference. A simple if statement wrapped around the block along with a second $cmdDelete creation which adds the additional data.
But wait! Why not look for the simplest solution? What if we just add the address into the delete command for everything? Here is the full command for one of the A records with the address appended to the end and the result:
Yay! So rather than having to craft some IF statements around the delete process, we will just adjust the original delete line by adding the $recordAddress which is the content we pulled from the CSV:
# Build our DNSCMD DELETE command syntax
$cmdDelete = “dnscmd $DNSServer /RecordDelete $DNSZone $recordName $recordType $recordAddress /f”
Now we update our CSV file with a sample NS record:
And let’s run the script to test the results:
All successful results! So now we can handle the “same as parent folder” records thanks to the simple update. In fact, you could use any record types that would be tagged with (same as parent folder) which has been used for A records in cases too.
Thanks to those who commented on the first post that prompted me to look into how to handle it. I hope that the update takes care of the extra requirements.