

Use PowerShell for help with DNS server management

Administrators can use point-and-click management tools to update DNS servers, but a PowerShell script will automate these routine tasks.

IT administrators may have a repetitive job, but that doesn't mean they want to point and click to do a task over and over. For admins who use the domain name system management console regularly, PowerShell provides a better way to complete maintenance tasks.

With PowerShell, an admin can not only perform DNS server management from the command line for quick one-off jobs, but also collect those commands into a script to handle numerous time-consuming tasks.

To start automating DNS server management, connect to the servers via PowerShell and use the common administrative examples provided in this article.

Prerequisites for DNS server automation


Take care of a few prerequisites before connecting to the DNS servers. Ensure you have permissions to read, modify and remove various DNS objects on your servers.

These automation concepts relate to DNS servers in an Active Directory (AD) domain with AD-integrated zones. PowerShell can manage zones and records outside of Active Directory, but the results will vary.

Install Remote Server Administration Tools on the client system.

Check for DNSServer availability

Ensure the PowerShell DNSServer module is available with the Get-Module cmdlet (Figure 1).

Get-Module DNSServer -ListAvailable

Figure 1: The Get-Module cmdlet shows if the DNSServer module is available.

With the module installed, an administrator can use commands to perform various tasks on DNS servers from PowerShell.

Find the DNS records

When exploring new functionality, start with a Get PowerShell cmdlet to read an object. This confirms that the administrator can connect to the server and has permission to read objects. For DNS server management, start with the Get-DnsServerResourceRecord cmdlet, which pulls DNS records from one or many DNS zones on a Windows DNS server.

For this article, we will use an Active Directory domain called mylab.local. The mylab.local DNS zone already exists on the domain controller. In Figure 2, we use the Get-DnsServerResourceRecord cmdlet to query that DNS zone on the domain controller called DC.

Get-DnsServerResourceRecord -ComputerName DC -ZoneName mylab.local

Figure 2: Use the Get-DnsServerResourceRecord cmdlet to query a DNS zone.

Figure 2 shows that the cmdlet successfully retrieved DNS records from a DNS zone.

If you don't know the zone or want to enumerate all DNS records in all zones on a server, start with the Get-DnsServerZone cmdlet instead (Figure 3).

Figure 3: Use the Get-DnsServerZone command to show all DNS records in all zones on a server.

Notice that the Get-DnsServerZone command returns reverse and forward lookup zones as well as the TrustAnchors zone. Use the -Name parameter to return a particular zone.

To enumerate all DNS records in all zones on a DNS server, pipe the output of Get-DnsServerZone directly to the Get-DnsServerResourceRecord command:

Get-DnsServerZone -ComputerName DC | Get-DnsServerResourceRecord

Build static DNS records

IT administrators often create static DNS records for servers. With the server names and IP addresses in a comma-separated values (CSV) file, it's easy to read each entry in that CSV file and create records all at once with PowerShell. Consider this example CSV file:


Create an A record in a DNS zone for each server. Start by reading the CSV with the Import-Csv command.

$servers = Import-Csv -Path C:\servers.csv

With the list of servers stored in a variable, we can read the servers one at a time and pass each one to the Add-DnsServerResourceRecord command.

foreach ($server in $servers) {
    # Splat the parameters for one A record per CSV row
    $params = @{
        ZoneName     = 'mylab.local'
        ComputerName = 'DC'
        IPv4Address  = $server.IPAddress
        Name         = $server.Name
        A            = $true
    }
    Add-DnsServerResourceRecord @params
}

Retrieve the newly created records with Get-DnsServerResourceRecord or view them in the DNS server management console after the script runs (Figure 4).

Figure 4: View the DnsServerResourceRecords in the DNS server management console.
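The bulk import loop above trusts every row in the CSV. The following is an added example, not code from the original article: it validates each row, skips names that already have an A record, and runs with -WhatIf as a dry run. The Test-DnsCsvRow helper and the sample rows are hypothetical; the Name and IPAddress columns, the mylab.local zone and the DC server name are the ones the article uses.

```powershell
# Added example: validate CSV rows before creating A records (dry run).
# Constructed sample data; columns match those the article's loop reads.
$rows = @'
Name,IPAddress
web01,10.0.0.11
db_01!,10.0.0.12
app01,10.0.0.300
'@ | ConvertFrom-Csv

function Test-DnsCsvRow {   # hypothetical helper, not part of the DnsServer module
    param([Parameter(Mandatory)] $Row)
    # One DNS label: letters, digits, hyphens; 1-63 chars; no leading or trailing hyphen
    $nameOk = [string]$Row.Name -match '^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$'
    # Require dotted-quad form, then let .NET check the octet ranges
    $ip = $null
    $ipOk = ([string]$Row.IPAddress -match '^(\d{1,3}\.){3}\d{1,3}$') -and
            [System.Net.IPAddress]::TryParse([string]$Row.IPAddress, [ref]$ip)
    return ($nameOk -and $ipOk)
}

$zone = 'mylab.local'
$dc   = 'DC'

foreach ($row in $rows) {
    if (-not (Test-DnsCsvRow -Row $row)) {
        Write-Warning "Skipping invalid row: Name='$($row.Name)' IPAddress='$($row.IPAddress)'"
        continue
    }

    # Leave existing A records alone instead of adding a second address to the name
    $lookup = @{
        ComputerName = $dc
        ZoneName     = $zone
        Name         = $row.Name
        RRType       = 'A'
        ErrorAction  = 'SilentlyContinue'
    }
    if (Get-DnsServerResourceRecord @lookup) {
        Write-Warning "A record '$($row.Name)' already exists in $zone; skipping."
        continue
    }

    # -WhatIf reports what would be created without changing the zone
    Add-DnsServerResourceRecord -ComputerName $dc -ZoneName $zone -A `
        -Name $row.Name -IPv4Address $row.IPAddress -WhatIf
}
```

With the sample rows, only web01 passes validation; remove -WhatIf once the dry-run output matches what you expect to create.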

The DnsServer PowerShell module contains many other commands that allow administrators to do just about anything for DNS server management. Build upon these commands to create a much bigger automation script to make changes to several DNS servers quickly without having to click through the management console to do the same thing.
