DNS Commands for Windows

...believe it or not, Microsoft actually has a set of commands for DNS. Although they're threatening to take it way, with no real replacement;

dnscmd localhost /recorddelete XYZ.com SEM A /f

dnscmd localhost /recordadd    XYZ.com SEM A 96.77.203.194

dnscmd localhost /zonewriteback XYZ.com

dnscmd localhost /reload XYZ.com

dnscmd localhost /zoneresetsecondaries XYZ.com /SecureList 192.168.2.1 /NotifyList 192.168.2.1

dnscmd . /recordadd XYZ.NET _acme-challenge NS ABC.XYZ.com (but first, add it as a master zone to all the slave servers)

for /f "skip=6 tokens=1" %i in ('dnscmd . /enumzones') do @echo %i

--- script for extracting Zone Name (with filter) ----------------------------

@echo off

setlocal EnableDelayedExpansion

set "CMD=dnscmd . /enumzones"

for /f "skip=6 tokens=1" %%i in ('%CMD%') do (

if /I "%%i"=="Command" goto :continue

set "val=%%i"

call :strlen val len

call :strnum val numstart

if not !len! EQU 1 if not !numstart! EQU 1 echo !val!

)

goto :eof

:strlen

setlocal EnableDelayedExpansion

set "str=!%~1!"

set /a n=0

:strlen_loop

if not "!str:~%n%,1!"=="" (

set /a n+=1

goto :strlen_loop

)

endlocal & set "%~2=%n%"

exit /b

:strnum

setlocal EnableDelayedExpansion

set "s=!%~1!"

set "first=!s:~0,1!"

set "result=0"

for %%d in (0 1 2 3 4 5 6 7 8 9) do (

if "!first!"=="%%d" set "result=1"

)

endlocal & set "%~2=%result%"

exit /b

:continue

---------------------------------------

/Info                      -- Get server information

  /Config                    -- Reset server or zone configuration

  /EnumZones                 -- Enumerate zones

  /Statistics                -- Query/clear server statistics data

  /ClearCache                -- Clear DNS server cache

  /WriteBackFiles            -- Write back all zone or root-hint datafile(s)

  /StartScavenging           -- Initiates server scavenging

  /IpValidate                -- Validate remote DNS servers

  /EnumKSPs                  -- Enumerate available key storage providers

  /ResetListenAddresses      -- Set server IP address(es) to serve DNS requests

  /ResetForwarders           -- Set DNS servers to forward recursive queries to

  /ZoneInfo                  -- View zone information

  /ZoneAdd                   -- Create a new zone on the DNS server

  /ZoneDelete                -- Delete a zone from DNS server or DS

  /ZonePause                 -- Pause a zone

  /ZoneResume                -- Resume a zone

  /ZoneReload                -- Reload zone from its database (file or DS)

  /ZoneWriteBack             -- Write back zone to file

  /ZoneRefresh               -- Force refresh of secondary zone from master

  /ZoneUpdateFromDs          -- Update a DS integrated zone by data from DS

  /ZonePrint                 -- Display all records in the zone

  /ZoneResetType             -- Change zone type

  /ZoneResetSecondaries      -- Reset secondary\notify information for a zone

  /ZoneResetScavengeServers  -- Reset scavenging servers for a zone

  /ZoneResetMasters          -- Reset secondary zone's master servers

  /ZoneExport                -- Export a zone to file

  /ZoneChangeDirectoryPartition -- Move a zone to another directory partition

  /ZoneSeizeKeymasterRole    -- Seize the key master role for a zone

  /ZoneTransferKeymasterRole -- Transfer the key master role for a zone

  /ZoneEnumSKDs              -- Enumerate the signing key descriptors for a zone

  /ZoneAddSKD                -- Create a new signing key descriptor for a zone

  /ZoneDeleteSKD             -- Delete a signing key descriptor for a zone

  /ZoneModifySKD             -- Modify a signing key descriptor for a zone

  /ZoneValidateSigningParameters -- Validate DNSSEC online signing parameters for a zone

  /ZoneSetSKDState           -- Set Active and/or Standby keys for a signing key descriptor for a zone

  /ZoneGetSKDState           -- Retrieve dynamic state for a signing key descriptor for a zone

  /ZonePerformKeyRollover    -- Trigger a key rollover in a signing key descriptor for a zone

  /ZonePokeKeyRollover       -- Trigger a key rollover in a signing key descriptor for a zone

  /ZoneSign                  -- Signs the zone using DNSSEC online signing parameters

  /ZoneUnsign                -- Removes DNSSEC signatures from a signed zone

  /ZoneResign                -- Regenerate DNSSEC signatures in a signed zone

  /EnumRecords               -- Enumerate records at a name

  /RecordAdd                 -- Create a record in zone or RootHints

  /RecordDelete              -- Delete a record from zone, RootHints or cache

  /NodeDelete                -- Delete all records at a name

  /AgeAllRecords             -- Force aging on node(s) in zone

  /TrustAnchorAdd            -- Create a new trust anchor zone on the DNS server

  /TrustAnchorDelete         -- Delete a trust anchor zone from DNS server or DS

  /EnumTrustAnchors          -- Display status information for trust anchors

  /TrustAnchorsResetType     -- Change zone type for a trust anchor zone

  /EnumDirectoryPartitions   -- Enumerate directory partitions

  /DirectoryPartitionInfo    -- Get info on a directory partition

  /CreateDirectoryPartition  -- Create a directory partition

  /DeleteDirectoryPartition  -- Delete a directory partition

  /EnlistDirectoryPartition  -- Add DNS server to partition replication scope

  /UnenlistDirectoryPartition -- Remove DNS server from replication scope

  /CreateBuiltinDirectoryPartitions -- Create built-in partitions

  /ExportSettings            -- Output settings to DnsSettings.txt in the DNS server database directory

  /OfflineSign               -- Offline signing zone files, including key generation/deletion

  /EnumTrustPoints           -- Display active refresh information for all trust points

  /ActiveRefreshAllTrustPoints -- Perform an active refresh on all trust points now

  /RetrieveRootTrustAnchors  -- Retrieve root trust anchors via HTTPS