Posh Security

View Original

DNS Cleanup - Removing an old DNS Server

The script that is outlined below was written very quickly one night. The issue was we had several old decomissioned/dead DNS servers in the environment, and a lot of DNS namespaces to remove them from (aproximately 10 forward and 20 reverse lookup zones). It should be noted that this script assumes we can make a change on a single master server and replication (hopefully AD Integrated) will take care of the rest.

Enjoy.

$masterdns = "<Primary DNS FQDN>"

$olddnshost = read-host "Enter new host name (FQDN)"

$enumzones = get-WMIObject -Computer $masterdns -Namespace "root\MicrosoftDNS" `
    -Class "MicrosoftDNS_Zone"

foreach ($zone in $enumzones)
{
    if ($zone.zonetype -eq 1)
    {
        write-host ""
        $name = $zone.name

        dnscmd $masterdns /recorddelete $name "@" NS $olddnshost
       
        Write-Host "NS Record for "$olddnshost " deleted from "$name
    }

}