Discovering PowerShell DNS Management
Not too long ago, a reader asked how to use PowerShell to manage DNS. Normally, I keep the newsletter content more broadly focused on PowerShell. I tend not to dive into specific technologies because not everyone needs that technology. However, the idea that you have a management need and you're looking to PowerShell to help you solve it is another story. Let's see how you might go about discovering how to manage something with PowerShell. I'll use DNS management as an example, but it could just as easily be Azure, VMware, or SharePoint.
However, before you dive in, there are two critical requirements. First, you need to know how to use PowerShell effectively from the console. This means knowing how to use help, find commands, and work with objects. If you are still struggling to learn PowerShell, adding a new technology to the mix isn't going to make life any easier.
Second, you need to have a basic understanding of the technology you want to manage. You don't need to be an expert, but you should know the basics, including terminology. For example, if you want to manage DNS, you should know what a DNS server is, what a zone is, and what a record is. You should know what scavenging means. If you don't understand what you are managing, doing it with PowerShell commands just means you'll get frustrated faster and easier. Don't expect PowerShell to teach you the technology you want to manage.
With this in mind, let's see how you might go about discovering how to manage DNS with PowerShell.
Command Discovery
Since we know PowerShell commands follow a verb-noun naming convention, we can begin by looking for commands already installed.
Get-Command -noun *dns*
I think it is clear from this what module we should be looking at. You can refine the noun or grouping results on the module name if you get many results.
PS C:\> Get-Command -noun *dns* | Group Module -NoElement
Count Name
----- ----
7 DhcpServer
21 DnsClient
134 DNSServer
4 IpamServer
6 NetworkTransition
3 VpnClient
The DnsServer module looks like the one we want. Let's see what commands are available.
Module Discovery
I happen to know that this module is included with PowerShell, which I can verify by checking the installation path.
PS C:\> Get-Module DNSServer | Select Path
Path
----
C:\Windows\system32\WindowsPowerShell\v1.0\Modules\DNSServer\DNSServer.psd1
Anything installed in the system32 folder is part of the operating system, which typically means it isn't published in the PowerShell Gallery. But you can still get help.
PS C:\> Find-Module DNSServer
Find-Package: No match was found for the specified search criteria and module name 'DNSServer'. Try Get-PSRepository to see all available registered module repositories.
I point this out so that you know there is no way to update the module. Any module updates will be included in future PowerShell or operating system updates. Because the module is installed on all Windows 10 and 11 computers, you can run Get-Command -Module DNSServer to see the list of module commands.
I want to see what I can do with this module, so I might see what nouns are available.
PS C:\> Get-Command -Module DNSServer | Group-Object Noun -NoElement | Format-Table -AutoSize
Count Name
----- ----
3 DnsServer
4 DnsServerCache
4 DnsServerClientSubnet
2 DnsServerConditionalForwarderZone
2 DnsServerDiagnostics
5 DnsServerDirectoryPartition
...
> I'm using Format-Table to force PowerShell to expand the name column.
The DnsServer noun looks like a good place to start. I can see what commands are available.
PS C:\> Get-Command -Module DNSServer -Noun DnsServer | Select Name
Name
----
Get-DnsServer
Set-DnsServer
Test-DnsServer
Get It
Any Get command should run safely, so I might start there. Of course, the first step is to read the complete command help.
help Get-DnsServer -full
If you are missing help, you might need to run Update-Help. If you have read the help and only need a reminder on syntax, PowerShell can help.
PS C:\> Get-Command Get-DnsServer -Syntax
Get-DnsServer [-ComputerName <string>] [-CimSession <cimsession[]>] [-ThrottleLimit <int>] [-AsJob] [<commonparameters>]
In my test environment, domain controllers DOM and DOM2 are also DNS servers. Based on previous PowerShell experience, my initial inclination is to run this:
PS C:\> Get-DnsServer dom1
Get-DnsServer: A positional parameter cannot be found that accepts argument 'dom1'.
That failed. In my haste, I didn't pay attention to the help. I know from the syntax what parameter I should be using.
I made an assumption that the computer name was positional, but I can see that is a named parameter. If you look at the syntax, the entire parameter is optional because it is enclosed in square brackets. But the parameter name is not in square brackets, so I need to use the parameter name.
PS C:\> Get-DnsServer -computername dom1
WARNING: EnableRegistryBoot not applicable on DNS Server dom1 version.
ServerSetting:
==============
RpcProtocol 5
SelfTest 4294967295
MaximumRodcRsoAttemptsPerCycle 100
WriteAuthorityNs False
TcpReceivePacketSize 65536
EnableDirectoryPartitions True
DisableAutoReverseZone False
...
If you try this, you'll get an extended display of settings. If I look at the Computername parameter on other commands, I'll recognize a pattern.
help Set-DnsServer -Parameter computername
help Test-DnsServer -Parameter computername
The module commands are designed to be invoked on the DNS server. This means I can use PowerShell remoting.
$a = Invoke-Command {Get-DnsServer} -ComputerName dom1
Or, I can see from the help that I can also use a CimSession. Notice the command doesn't have a Credential parameter, so I would need a CimSession or PSSession to connect to a different account.
PS C:\> $cs = New-CimSession -ComputerName dom1 -Credential company\artd
PowerShell credential request
Enter your credentials.
Password for user company\artd: ********
PS C:\> $b = Get-DNSServer -CimSession $cs
Using remoting is much faster, especially if I use a session and want to run several DNS management commands.
Although, I can use the commands remotely as long as I specify the computer name.