Question : Script mass DNS zone changes

Hi. I am using Windows 2003 server. I would like to know a way to script mass changes to many DNS zones either using dnscmd or vbscript. Especially reverse lookup zones.
Thanks

Answer : Script mass DNS zone changes

I too have a large number of public zones that require simultaneous operations.  I use dnscmd via a script in a similar fashion to monitor the zone replication status of the zones on a weekly basis.  The script takes two arguments, primary server IP and zone name, and then adds and removes a dummy record from the zone and tests each secondary server to see if it saw the SOA serial update happen.  You could modify the dnscmd arguments to do whatever you wanted, even add a third argument to control what was done. I call this test script from a master script that contains all of the zone names and primary server addresses.  It's not as elegant as using a database table, but it works.

This master control script looks something like...

testdns x.x.x.x zone1.com
testdns x.x.x.x zone2.com
...
testdns x.x.x.xx zone300.com


The testdns.cmd script looks like this...

@echo off
@REM *
@REM * TESTDNS.CMD
@REM *
@REM * Syntax: testdns
@REM *
@REM * Will force a SOA serial increment (actually two) to the zone (%1) at the
@REM * primary DNS server PublicServer (%2) by adding and removing
@REM * a dummy A record.  This causes a NOTIFY to be sent to the secondary
@REM * DNS servers.
@REM * If the resulting SOA serial changes are not reflected in the secondaries
@REM * the script will return an error.
@REM *

@REM *** Check the current primary serial number

nslookup -query=SOA %1 %2 | find "serial" >test-preprimary 2>nul:

@REM *** Force a serial update to the primary

dnscmd %2 /RecordAdd %1 zztest A 10.0.0.0 >nul:
sleep 1
dnscmd %2 /RecordDelete %1 zztest A /f  >nul:

@REM *** Test if the primary SOA serial was really updated

nslookup -query=SOA %1 %2 | find "serial" >test-primary 2>nul:
fc test-primary test-preprimary | find "serial" >nul:
if ERRORLEVEL 1 goto UPDATE_ERROR

@REM *** After allowing replication time for the zone, test the secondaries

sleep 900
nslookup -query=SOA %1 64.94.123.4 | find "serial" >test-sec1 2>nul:
nslookup -query=SOA %1 64.94.123.36 | find "serial" >test-sec2 2>nul:
nslookup -query=SOA %1 64.95.61.4 | find "serial" >test-sec3 2>nul:
nslookup -query=SOA %1 64.95.61.36 | find "serial" >test-sec4 2>nul:
set ERRDNS=ns-a.pnap.net(64.94.123.4)
set ERRFILE=test-sec1
fc test-primary test-sec1 | find "serial" >nul:
if NOT ERRORLEVEL 1 goto ZONE_ERROR
set ERRDNS=ns-b.pnap.net(64.94.123.36)
set ERRFILE=test-sec2
fc test-primary test-sec2 | find "serial" >nul:
if NOT ERRORLEVEL 1 goto ZONE_ERROR
set ERRDNS=ns-c.pnap.net(64.95.61.4)
set ERRFILE=test-sec3
fc test-primary test-sec3 | find "serial" >nul:
if NOT ERRORLEVEL 1 goto ZONE_ERROR
set ERRDNS=ns-d.pnap.net(64.95.61.36)
set ERRFILE=test-sec4
fc test-primary test-sec4 | find "serial" >nul:
if NOT ERRORLEVEL 1 goto ZONE_ERROR

@REM *** All secondaries had identical SOA serial as the primary = normal exit

del test-*.
exit /B 0



:ZONE_ERROR

@REM *** Bail with an error if any INTERNAP secondary has wrong serial

@echo ZONE_SERIAL_MISMATCH on zone %1:
@echo   Primary says...
@type test-primary
@echo   %ERRDNS% says...
@type %ERRFILE%
@echo ·
del test-*.
exit /B 1


:UPDATE_ERROR

@echo ZONE_UPDATE_ERROR on zone %1 at primary %2
del test-*.
exit /B 2