How to Manage DNS Records with PowerShell

Most of the time, DNS records are managed dynamically by your DNS server. However, at times you may find that you need to manually create, edit, or remove various types of DNS records. It is at times like this that PowerShell is quite useful for managing these records.

Viewing DNS Records

You can view all of the resource records for a given DNS zone by simply using the Get-DnsServerResourceRecord cmdlet and specifying the zone name parameter:



As you can see, this generates quite a lengthy list of records. This nicely highlights one of the advantages of this particular cmdlet over the graphical DNS console. This view gives you all of the records for this zone, regardless of which folder they are in. In the graphical console, it would take quite some time to piece this information together.

Now, let’s thin out this list a bit. Using the same cmdlet, but adding the RRType parameter to search for A records (IPv4 hosts) and filtering for records where the Time To Live (TTL) is greater than 15 minutes, gives us a more manageable list:

Taking this one step further, we can also search for records in a different DNS zone, on a different DNS server. In this example, we will search for A records in the “canada.corp.ad” zone on DNS server DC03:
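The three queries described in this section, written out as an added example (not code from the original article). It assumes the DnsServer module is installed and the session has rights on the DNS servers; the last query, which lists manually created records, goes beyond the cases in the text.

```powershell
# Added example: zone and server names are the ones used in the text.

# Every resource record in the zone, regardless of which folder it sits in.
Get-DnsServerResourceRecord -ZoneName 'corp.ad'

# A records only, kept when the TTL is longer than 15 minutes.
$minTtl = New-TimeSpan -Minutes 15
Get-DnsServerResourceRecord -ZoneName 'corp.ad' -RRType A |
    Where-Object { $_.TimeToLive -gt $minTtl } |
    Sort-Object HostName |
    Format-Table HostName, RecordType, TimeToLive,
        @{ Name = 'IPv4Address'; Expression = { $_.RecordData.IPv4Address } }

# The same record type from a different zone on a different DNS server.
Get-DnsServerResourceRecord -ZoneName 'canada.corp.ad' -RRType A -ComputerName 'DC03'

# Beyond the text: static (manually created) records carry no timestamp and are
# never scavenged, so they are the ones worth reviewing by hand.
Get-DnsServerResourceRecord -ZoneName 'corp.ad' -RRType A |
    Where-Object { -not $_.Timestamp } |
    Select-Object HostName,
        @{ Name = 'IPv4Address'; Expression = { $_.RecordData.IPv4Address } }
```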

Adding and Removing Host Records (A and AAAA)

To add a host record, we will need to use the Add-DnsServerResourceRecordA cmdlet. In this example, we need to add a host record for a new printer that we are adding to the network. It will be added to the corp.ad zone with the name “reddeerprint01”, and its IP address is 192.168.2.56.

If it turns out that we need to remove a record, for example, if the printer has been decommissioned, we can use the following code to remove the host record that we just created:

It is also just as easy to add an IPv6 host record. Of course, these records differ slightly, as they are listed as AAAA records. You may notice that we are now using the Add-DnsServerResourceRecordAAAA cmdlet. It’s a subtle change, but an important one. Let’s add a record to the “corp.ad” zone for the new IT Intranet server at “fc00:0128” and then quickly verify that it has been created:
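The add, verify and remove steps from this section as an added example (not code from the original article). The host name “itintranet” is a hypothetical name for the IT Intranet server, and the IPv6 address is written as fc00::0128 on the assumption that this is what the text intends.

```powershell
# Added example: zone, printer name and IPv4 address are those in the text.
$zone = 'corp.ad'
$name = 'reddeerprint01'
$ip   = '192.168.2.56'

# Adding a second A record under an existing name silently creates a
# round-robin set, so check for an existing record before writing.
$existing = Get-DnsServerResourceRecord -ZoneName $zone -Name $name -RRType A `
    -ErrorAction SilentlyContinue
if ($existing) {
    Write-Warning "$name.$zone already resolves to $($existing.RecordData.IPv4Address)"
}
else {
    # -WhatIf previews the change without touching the zone.
    Add-DnsServerResourceRecordA -ZoneName $zone -Name $name -IPv4Address $ip -WhatIf
    Add-DnsServerResourceRecordA -ZoneName $zone -Name $name -IPv4Address $ip
}

# Verify the record.
Get-DnsServerResourceRecord -ZoneName $zone -Name $name -RRType A

# Decommissioning: -RecordData limits the removal to this exact name/address
# pair, so other A records sharing the name are left alone.
Remove-DnsServerResourceRecord -ZoneName $zone -Name $name -RRType A `
    -RecordData $ip -Force

# IPv6 host record. 'itintranet' is a hypothetical host name; the address
# assumes the text's "fc00:0128" means fc00::0128.
Add-DnsServerResourceRecordAAAA -ZoneName $zone -Name 'itintranet' `
    -IPv6Address 'fc00::0128'
Get-DnsServerResourceRecord -ZoneName $zone -Name 'itintranet' -RRType AAAA
```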

Adding Reverse Lookup Records (PTR)

A reverse lookup record allows the client to query a DNS server to request the hostname for a supplied IP address. Creating a PTR record is a relatively easy process, but there is one important bit of information you will need to know before you start adding PTR records. Reverse lookup zones are not created by default. You will need to set up your reverse lookup zone prior to adding records.

Fortunately, it is relatively easy to do. You just need to use the Add-DnsServerPrimaryZone cmdlet and provide it with the Network ID. In this example, I have also chosen to set the replication scope to the entire AD forest, and I have specifically targeted “DC03” as the preferred DNS server:

Now that our reverse lookup zone is in place, we can add our PTR record for a new printer called “CYQF-Printer-01.canada.corp.ad” that has an IP address of 192.168.2.56. As this record is for the “canada.corp.ad” zone, we will be targeting the DNS server “DC03”.

When using the Add-DnsServerResourceRecordPtr cmdlet, it is important to note a couple of things. First, you need to specify the zone name using the network ID in reverse order, then add “.in-addr.arpa”. So for our “192.168.2.0/24” network ID, the zone name is “2.168.192.in-addr.arpa”. Second, the “Name” parameter is simply the host portion of the IP address. For our printer at 192.168.2.56, the “Name” is simply “56”.

Once you have those pieces of information, the code required to create the PTR record is relatively simple, if a bit long:
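The reverse zone and PTR steps as an added example (not code from the original article). Get-PtrTarget is a hypothetical helper that applies the naming rule above to any IPv4 address, assuming /24 networks only.

```powershell
# Added example: Get-PtrTarget is a hypothetical helper, valid for /24 networks.
function Get-PtrTarget {
    param([Parameter(Mandatory)][ipaddress]$IPv4Address)

    $octets = $IPv4Address.GetAddressBytes()
    if ($octets.Count -ne 4) { throw 'An IPv4 address is required.' }

    [pscustomobject]@{
        # Network ID handed to Add-DnsServerPrimaryZone
        NetworkId = '{0}.{1}.{2}.0/24' -f $octets[0], $octets[1], $octets[2]
        # Network octets in reverse order, followed by .in-addr.arpa
        ZoneName  = '{2}.{1}.{0}.in-addr.arpa' -f $octets[0], $octets[1], $octets[2]
        # Host portion of the address
        Name      = [string]$octets[3]
    }
}

$target = Get-PtrTarget -IPv4Address '192.168.2.56'

# Reverse lookup zones are not created by default: add one, replicated to the
# whole forest, only when DC03 does not already host it.
$zone = Get-DnsServerZone -Name $target.ZoneName -ComputerName 'DC03' `
    -ErrorAction SilentlyContinue
if (-not $zone) {
    Add-DnsServerPrimaryZone -NetworkID $target.NetworkId `
        -ReplicationScope 'Forest' -ComputerName 'DC03'
}

# PTR record for the printer named in the text.
Add-DnsServerResourceRecordPtr -ZoneName $target.ZoneName -Name $target.Name `
    -PtrDomainName 'CYQF-Printer-01.canada.corp.ad' -ComputerName 'DC03'

# Verify.
Get-DnsServerResourceRecord -ZoneName $target.ZoneName -RRType Ptr -ComputerName 'DC03'
```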

Adding Alias Records (CNAME)

To finish off, we will create a host alias record or CNAME record using the Add-DnsServerResourceRecordCName cmdlet. These records allow you to specify an alias for an existing host record in the zone. This becomes especially useful, for example, if you want to provide your finance users with an address for their web-enabled finance app. You could create an alias called “finance”, and point it to the web server “webapp25.corp.ad”. Then when you need to migrate the app to a new web server with a new hostname, you simply change the CNAME record to point “finance” to the new host. This way, the users don’t have to update their bookmarks. They can continue to access their application using the address “finance.corp.ad”.
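Creating the alias and later repointing it, as an added example (not code from the original article). The new host “webapp26.corp.ad” is hypothetical, and the final query, which lists aliases whose target no longer resolves, goes beyond the case in the text.

```powershell
# Added example: 'webapp26.corp.ad' is a hypothetical replacement host.
$zone = 'corp.ad'

# Create the alias only if the target resolves; -ErrorAction Stop aborts the
# script otherwise, so the alias never points at a name that does not exist.
Resolve-DnsName -Name 'webapp25.corp.ad' -Type A -ErrorAction Stop | Out-Null
Add-DnsServerResourceRecordCName -ZoneName $zone -Name 'finance' `
    -HostNameAlias 'webapp25.corp.ad'

# Migration: repoint 'finance' at the new host by editing a copy of the record
# and handing the old and new objects to Set-DnsServerResourceRecord.
$newTarget = 'webapp26.corp.ad'
Resolve-DnsName -Name $newTarget -Type A -ErrorAction Stop | Out-Null

$old = Get-DnsServerResourceRecord -ZoneName $zone -Name 'finance' -RRType CName
$new = [ciminstance]::new($old)
$new.RecordData.HostNameAlias = "$newTarget."
Set-DnsServerResourceRecord -ZoneName $zone -OldInputObject $old `
    -NewInputObject $new -PassThru

# Beyond the text: list aliases whose target no longer resolves, for example
# after a server was retired without cleaning up its CNAME.
Get-DnsServerResourceRecord -ZoneName $zone -RRType CName |
    Where-Object {
        -not (Resolve-DnsName -Name $_.RecordData.HostNameAlias `
                -ErrorAction SilentlyContinue)
    } |
    Select-Object HostName,
        @{ Name = 'Target'; Expression = { $_.RecordData.HostNameAlias } }
```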

Additional Resources

Companion video: “How To Manage DNS Records With PowerShell”

David Lamb is a Systems Administrator managing Windows servers and clients since 1995, spending a large portion of his career in the aviation industry. His first certification was the MCSE on Windows NT 4.0, earned in 2001. David lives in Alberta, Canada, and is currently spending his free time learning PowerShell, blogging, and pursuing the MCSE certification on Windows Server.
