-
Notifications
You must be signed in to change notification settings - Fork 0
/
search-ms-dns.ps1
160 lines (133 loc) · 7.04 KB
/
search-ms-dns.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
<#
.SYNOPSIS
DNS Search script v1
.DESCRIPTION
Script takes a string input and working through all the primary DNS zones on the local DNS Server returns all records that match the string. In addition there are several optional filters available to either include or exclude zonenames, hostnames and recordtypes. Filtering on mutiple strings is possible using regex, eg -includerecordtype "MX|CNAME|PTR"
.NOTES
Written by Keith Langmead - August 2013
.PARAMETER searchstr
Takes an optional string input which is used to search against all zone records for a match. Regex strings can be used.
.PARAMETER zonenamefilter
Takes an optional string input which is used to filter the zone list being searched. Entire domain names, partial names and regex strings can be used.
.PARAMETER excludehost
Takes an optional string input used to exclude records where the hostname matches all or part of the string. Accepts Regex values.
.PARAMETER includehost
Takes an optional string input used to exclusively include records where the hostname matches all or part of the string. Accepts Regex values.
.PARAMETER excluderecordtype
Takes an optional string input used to exclude specified record types. Accepts Regex values.
.PARAMETER includerecordtype
Takes an optional string input used to exclusively include specified record types. Accepts Regex values.
.PARAMETER computername
Runs the script against the specified DNS server. Defaults to the local machine if not specified.
.PARAMETER zoneonly
If used this alters the output to return only the zone names that contain matches, not the individual records within the zone.
.EXAMPLE
.\search-dns "myrecord"
Search all DNS zones for records including the string "myrecord".
.EXAMPLE
.\search-dns -searchstr "192.168.0.1" -zonenamefilter "mydomain" -excludehost "www|@"
Search all DNS zones containing "mydomain" in their name for records pointing to "192.168.0.1" and exclude records with a hostname of "www" or "@".
.EXAMPLE
.\search-dns -searchstr "mydomain" -zonenamefilter ".info" -excluderecordtype "MX|NS"
Search all records excluding MX and NS records in all .info domains for the string "mydomain".
.EXAMPLE
.\search-dns -searchstr "mail.mydomain.com" -includerecordtype "MX" -zoneonly
Search all MX records in all zones that contain "mail.mydomain.com" and then list the zone names not the records themselves.
.EXAMPLE
.\search-dns -searchstr "192.168.0.1" -zonenamefilter "mydomain" -includehost "www" -includerecordtype "A" -computername dc2
Search for a specific record on a machine other than localhost, for instance to confirm that a locally added record has replicated to another name server.
#>
Param(
[parameter(position=1)]
[string]$searchstr,
[parameter(position=2)]
[string]$zonenamefilter,
[parameter(position=3)]
[string]$excludehost,
[parameter(position=4)]
[string]$includehost,
[parameter(position=5)]
[string]$excluderecordtype,
[parameter(position=6)]
[string]$includerecordtype,
[parameter(position=7)]
[string]$computername=$env:COMPUTERNAME,
[parameter(position=8)]
[switch]$zoneonly
)
Function SearchZone ($ZoneArg)
# Function takes the current zone as an argument, filters the required records based on which options have been
# passed to the script via the script parameters
{
$current=get-dnsserverresourcerecord -zonename $ZoneArg.zonename -ComputerName $computername
if ($excludehost -ne "")
{
# Filters out records where the hostname matches $excludehost so they're not displayed
$current=@($current | where-object {$_.Hostname -notmatch $excludehost})
}
if ($excluderecordtype -ne "")
{
# Filters out records where RecordType matches $excluderecordtype so they're not displayed
$current=@($current | where-object {$_.RecordType -notmatch $excluderecordtype})
}
if ($includehost -ne "")
{
# Exclusively include records where HostName matches $includehost
$current=@($current | where-object {$_.Hostname -match $includehost})
}
if ($includerecordtype -ne "")
{
# Exclusively include records where RecordType matches $includerecordtype
$current=@($current | where-object {$_.RecordType -match $includerecordtype})
}
# Exclusively include records where RecordData matches $searchstr. Works through each property
# type to include the relevant records in the output
$currentrec=@($current | where-object {$_.RecordData.ipv4address -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.RecordData.HostNameAlias -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.RecordData.MailExchange -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.RecordData.DomainName -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.RecordData.DescriptiveText -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.RecordData.PrimaryServer -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.RecordData.NameServer -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.RecordData.IPv6Address -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.RecordData.PtrDomainName -match $searchstr})
$currentrec=$currentrec + @($current | where-object {$_.HostName -match $searchstr})
return $currentrec
}
# Generate a list of all primary zones, eg exclude secondaries
$zonelist=get-dnsserverzone -ComputerName $computername | Where-Object {$_.zonetype -eq 'Primary'}
# If something's entered in $zonenamefilter filter zones to exclude them
$zonelist=$zonelist | Where-Object {$_.zonename -match $zonenamefilter}
# Generate table headers in output since otherwise when it displays automatically the first zonename
# is listed above the headers. Display alternate header is -zoneonly switch used.
if ($zoneonly -ne $TRUE)
{
write-host "HostName RecordType TimeStamp TimeToLive RecordData"
write-host "-------- ---------- --------- ---------- ----------"
}
else
{
write-host "Zones containing matching values:"
write-host "---------------------------------"
}
# Loop through the list of zones
foreach ($zone in $zonelist)
{
# Pass current zone to search zone function and retrieve results
$zonerecord=SearchZone $zone
if ($zonerecord -ne $NULL)
{
if ($zoneonly -ne $TRUE)
{
# Output results grouped by zone
write-host
write-host "Domain - " $zone.zonename
$zonerecord | format-table -hidetableheaders
}
else
{
# Output zone names only that contain matches
write-host $zone.zonename
}
}
}