Home > Uncategorized > Tools: AD DNS backup and restore

Tools: AD DNS backup and restore

http://searchwindowsserver.techtarget.com/tip/0,289483,sid68_gci1305271,00.html

Backup:
DNSCMD /zoneexport [ZONE] [file]
ex: dnscmd /zoneexport poo.local poo.local.dns.bak
(saves to c:\windows\system32\dns\poo.local.dns.bak)

Restore:
“…restoring the backup is a little bit trickier. That’s because you can’t just tell the DNSCMD command to restore the file as an Active Directory integrated zone. Instead, you have to tell DNSCMD to create a primary zone based on your backup file. Once you have done that, you can convert the primary zone to an Active Directory integrated zone.

The first thing you need to do is move the backup file that you created from the %systemroot%\system32\dns\backup folder to the %systemroot%\system32\dns folder. This allows DNSCMD to discover the backup file. After doing so, run the following command:

DNSCMD /zoneadd Contoso.com /primary /file Contoso.com.dns.bak /load

In the command above, the /zoneadd switch tells DNSCMD that you want to create a new zone. The /Primary switch indicates that you are creating a primary zone. You then used the /File switch and the name of your backup file to indicate which file you want to create the new zone from.

The /LOAD switch in this command is very important. It tells DNSCMD to load the zone information from the file that was just specified. Had you omitted the /LOAD switch, DNSCMD would have created a new zone file and overwritten the contents of the backup file.

Now that you have created a new primary zone, you need to convert the zone to an Active Directory integrated zone. To do so, just use this command:

DNSCMD /zoneresettype Contoso.com /dsprimary

Once you enter this command, you’re all set. However, secure dynamic updates for the zone are not enabled by default. If you want to enable secure dynamic updates, then you must enter the following command:

DNSCMD /config Contoso.com /allowupdate 2

1) Create primary zone using file:
DNSCMD /zoneadd [ZONE] /primary /file [file, must be located in c:\windows\system32\dns\] /load
ex: dnscmd /zoneadd poo.local /primary /file poo.local.dns.bak /load

2) Convert primary zone to active directory integrated zone:
DNSCMD /zoneresettype Contoso.com /dsprimary
ex: dnscmd /zoneresettype poo.local /dsprimary

3) Only allow secure updates:
DNSCMD /config Contoso.com /allowupdate 2
ex: dnscmd /config poo.local /allowupdate 2

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: