DNS Zone Export

DNS Scenario – Zone Export

Your company has a DNS server that has 10 Active Directory integrated zones.

You need to provide copies of the zone files of the DNS server to the security department. What should you do?

A. Run the dnscmd /ZoneInfo command.

B. Run the ipconfig /registerdns command.

C. Run the dnscmd /ZoneExport command.

D. Run the ntdsutil > Partition Management > List commands.

Correct Answer: C

Explanation:

In Non-AD Integrated DNS Zones

DNS zone file information is stored by default in the %systemroot%\windows\system32\dns folder. When the DNS Server service starts it loads zones from these files. This behavior is limited to any primary and secondary zones that are not AD integrated. The files will be named as <ZoneFQDN>.dns.

In AD Integrated DNS Zones

AD-integrated zones are stored in the directory they do not have corresponding zone files i.e. they are not stored as .dns files. This makes sense because the zones are stored in, and loaded from, the directory.

Now it is important task for us to take a backup of these AD integrated zones before making any changes to DNS infrastructure. Dnscmd.exe can be used to export the zone to a file. The syntax of the command is:

DnsCmd <ServerName> /ZoneExport <ZoneName> <ZoneExportFile>
<ZoneName>   — FQDN of zone to export
/Cache to export cache

As an example, let’s say we have an AD integrated zone named habib.local, our DC is server1. The command to export the file would be:

Dnscmd server1 /ZoneExport habib.local habib.local.bak

You can refer to a complete article on DNSCMD in Microsoft TechNet website

http://technet.microsoft.com/en-us/library/cc772069(v=ws.10).aspx

Advertisements

One thought on “DNS Zone Export

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s