Tuesday, January 20, 2009

Useful DNS, DHCP and WINS command-line operations

Useful DNS, DHCP and WINS command-line operations


The commands below are a subset of the complete command list found in Useful command-lines, and are command-line operations for core network services - DNS, WINS and DHCP. Most of these commands are queries, useful for once-off or repeated information gathering for reporting, trending, troubleshooting or diagnostics.

Each command-line can be copied and pasted at the command prompt, if you use a batch file you'll need to reference variables with double-percent (%%).

DNS command-line operations

Query DNS forest-wide partition replica
dsquery * "DC=ForestDNSZones,dc=forestRootDomain

Add a CNAME record to DNS
dnscmd %server% /recordadd %zone% %AliasName% CNAME %HostnameAliasing%

Query zone resource records on a Microsoft DNS server
wmic /namespace:\\root\microsoftdns /node:%server% path MicrosoftDNS_ResourceRecord WHERE ContainerName='%zone_name%'

nslookup with debug information
nslookup -debug %IP%

DSQuery authorised DHCP Servers
Dsquery * "cn=NetServices,cn=Services,cn=Configuration, DC=forestRootDomain" -attr dhcpServers

Enumerate all records from a DNS zone
dnscmd /enumrecords @ /additional /continue > DNS_all.txt

Lookup SRV records from DNS
nslookup -type=srv _ldap._tcp.dc._msdcs.{domainRoot}

DNS Information
for /f %i in ('dsquery server -domain %userdnsdomain% -o rdn') do dnscmd %i /info

DNS Zone Detailed information
dnscmd /zoneinfo %userdnsdomain%

DNS Zones in AD
for /f %i in ('dsquery server -o rdn') do Dsquery * -s %i domainroot -filter (objectCategory=dnsZone)

Enumerate DNS Server Zones
for /f %i in ('dsquery server -o rdn') do dnscmd %i /enumzones

Print DNS Zones
dnscmd DNSServer /zoneprint DNSZone

Add a host record in DNS
dnscmd %dnsserver% /recordadd %zone% %relative_name% A %ip%

Find aging records from an enumerated zone
find /i "aging:" DNS_all.txt > DNS_aging.txt

DNS Scavenging check, based on the output of aging records from dnscmd.exe
cscript DNSScavengeTest.wsf /f:DNS_aging.txt

Query DNS objects from the directory
dsquery * DC=,CN=MicrosoftDNS,cn=System,dc=

Start DNS scavenging
dnsmd /startscavenging

Delete a host record from DNS
dnscmd %server% /recorddelete %zone% @ A %IP%

Determine the DNS suffix search list set through policy for a computer
reg query "\\%Computer%\HKEY_LOCAL_MACHINE\software\policies\microsoft\Windows NT\DNSClient" /v SearchList

Query for the zones hosted on a Microsoft DNS server
wmic /namespace:\\root\microsoftdns /node:%server% path MicrosoftDNS_Zone

Find DNS Forwarder information from dnscmd output
for %b in (DNS*.txt) do @for /f "skip=2 delims=[]" %i in ('"find /i /N "Forwarders:" %b"') do @for /f "skip=2 delims=[]" %m in ('"find /i /N "Command completed successfully." %b"') do @for /f %p in ('set /a %m-%i') do echo tail -%p %b

List primary reverse lookup zones from a DNS server
dnscmd %server% /EnumZones /secondary /reverse

List allowed secondary servers for the specified zone
dnscmd %server /zoneinfo %ip%.in-addr.arpa SecondaryServers

DHCP command-line operations

Netsh authorised DHCP Servers
netsh dhcp show server

DHCP server information
netsh dhcp server \\DHCP_SERVER show all

DHCP server dump
netsh dhcp server \\DHCP_SERVER dump > dhcp.txt

Last 50 leases on DHCP servers
for /f %i in (DHCPServers.txt) do echo %i && tail -50 \\%i\c$\WINNT\system32\dhcp\DhcpSrvLog.Tue

Active DHCP leases
For /f %i in (DHCPServers.txt) do for /f "delims=- " %j in ('"netsh dhcp server \\%i show scope find /i "active""') do netsh dhcp server \\%i scope %j show clientsv5 >> DHCPClients_%i.txt

DHCP clients from all servers
Find /i "255." DHCPClients_*.txt find /i "255." > DHCPClientsAll.txt

DHCP Server Active Scope Info
For /f %i in (DHCPServers.txt) do netsh dhcp server \\%i show scope find /i "active" >> DHCPInfo_%i.txt

Find Subnets from DHCP clients
FindSubnets.bat 'Output from Active DHCP leases'

Resolve DHCP clients hostnames
for /f "tokens=1,2,3 delims=," %i in (Output from 'Find Subnets from DHCP clients') do @for /f "tokens=2 delims=: " %m in ('"nslookup %j find /i "Name:""') do echo %m,%j,%k,%i

Find two online PCs per subnet
Echo. > TwoClientsPerSubnet.txt & for /f "tokens=1,2,3,4 delims=, " %i in ('"find /i "pc" 'Output from Resolve DHCP clients hostnames'"') do for /f "tokens=3 skip=1 delims=: " %m in ('"Find /i /c "%l" TwoClientsPerSubnet.txt"') do If %m LEQ 1 for /f %p in ('"ping -n 1 %i find /i /c "(0% loss""') do If %p==1 Echo %i,%j,%k,%l >> TwoClientsPerSubnet.txt

Find unique Subnets
for /f "delims=" %i in (Output from FindSubnets) do @Find /i "%i" UniqueSubnets.txt 1>nul 2>nul & @if ErrorLevel 1 echo %i >> UniqueSubnets.txt

Find DHCP Scopes not in AD
for /f "tokens=1,2" %i in (Output from 'Find Unique Subnets') do @for /f "skip=2 delims==" %m in ('find /i "%j" SubnetMaskShorthand.txt') do @find /i "%i/%m" Output from 'AD Subnet and Site Information' >NUL & @If ErrorLevel 1 for /f "skip=1 tokens=2 delims=:" %p in ('find /i /c "%i %j" Output from 'Find Subnets from formatted output'') do @Echo %i/%m,%p

DHCP Clients Per AD Site
for /f "tokens=1,2,3 delims=/ " %i in (Output from 'AD Subnet and Site Information') do @For /f "skip=2 tokens=1,2 delims==" %m in ('find /i "%j=" SubnetMaskShorthand.txt') do @For /f "skip=1 tokens=2 delims=:" %p in ('find /i /c "%i,%n" Output from 'Find Subnets from DHCP clients') Do @Echo %i/%m,%p,%k

DHCP Servers Per AD Site
for /f "tokens=1,2 delims=/" %i in (SiteClientCounts.txt) do @for %k in ("Output from 'DHCP Server Active Scope Info'") do @find /i "%i" "%k" >nul & If ErrorLevel 0 if Not ErrorLevel 1 echo %i/%j,%~nk

Total DHCP Scopes
find /i "subnet" "Output from DHCP server information" find /i "subnet"

WINS command-line operations

WINS serer information
Netsh wins server \\WINS_SERVER dump > wins.txt

WINS Statistics
for /f "tokens=1,2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show statistics >> WINSConfig_%j.txt

WINS Record counts per server
for /f "tokens=1,2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show reccount %i >> WINSRecordCount.txt

WINS Server Information
for /f "tokens=2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i show info >> WINSConfig_%i.txt

WINS Server Dump
for /f "tokens=2 delims=," %i in (WINSServers.txt) do netsh wins server \\%i dump > WINSConfig_%i.txt

WINS Static Records per Server
netsh wins server \\LocalWINSServer show database servers={} rectype=1

Use WMI to find the WINS entries for DNS-enabled NICs on a list of servers
for /f %i in (servers.txt) do @for /f "skip=1" %m in ('"wmic /node:%i path Win32_NetworkAdapterConfiguration WHERE FullDNSRegistrationEnabled=True get WINSPrimaryServer"') do @echo %i,%m

Set the WINS entry for the specified network
psexec \\%server% netsh interface ip set wins "Local Area Connection" static %WINSIP%


No comments: