PowerShell | Check DHCP & DNS Scripts

Auditing Domain DNS Records to Remove Stale Static Entries

Regularly auditing and removing stale static DNS entries in a domain is a crucial task for maintaining a healthy, secure, and efficient network. Here are the key reasons why this practice is essential:

1. Maintaining Network Integrity

Key Points:

  • Accurate Resolution: Stale DNS records can lead to incorrect IP address resolution, causing connectivity issues and impacting user access to network resources.

  • Reduced Latency: Removing outdated entries can improve DNS query response times, leading to reduced network latency and improved overall performance.

  • Optimized DNS Server Performance: A clean and up-to-date DNS database enhances the performance of DNS servers by reducing the processing load and speeding up query responses.

Example: Removing stale entries for decommissioned servers prevents the DNS from returning outdated addresses, ensuring clients are directed to active resources.

2. Enhancing Network Security

Key Points:

  • Mitigating Attack Surface: Stale DNS entries can be exploited by attackers to redirect traffic to malicious servers (DNS poisoning). Regular audits help mitigate this risk.

  • Preventing Unauthorized Access: Outdated records might point to IP addresses that are now assigned to different, possibly unauthorized devices, posing a security threat.

  • Supporting Incident Response: Accurate DNS records help in quickly identifying and responding to security incidents by ensuring network traffic is properly routed.

Example: Removing DNS records for old VPN servers ensures that new devices do not accidentally or maliciously gain access to network segments they shouldn't.

3. Improving Network Troubleshooting and Management

Key Points:

  • Simplified Troubleshooting: Accurate DNS records make it easier to diagnose and resolve network issues, as there is no confusion caused by obsolete entries.

  • Efficient Network Management: A clean DNS database aids in effective network management, allowing administrators to focus on active and relevant resources.

  • Resource Allocation: Prevents the waste of IP addresses and other network resources by ensuring that only active devices are registered.

Example: Accurate DNS records help in quickly isolating issues related to service unavailability, as there are no stale records to mislead the diagnostic process.

4. Supporting Compliance and Best Practices

Key Points:

  • Regulatory Compliance: Some industries have regulations requiring accurate and regularly updated DNS records. Regular audits help meet these compliance standards.

  • Adherence to Best Practices: Regular maintenance and auditing of DNS records are part of IT best practices, ensuring a well-managed and secure network environment.

  • Documentation: Ensures that network documentation is accurate, aiding in audits and assessments.

Example: Regular DNS audits align with ITIL best practices for service management, contributing to overall IT governance and compliance.

Audit and Remove Stale Static DNS Entries

PowerShell's DnsServer module provides robust cmdlets for reading and removing DNS records (Get-DnsServerResourceRecord and Remove-DnsServerResourceRecord), making it easy to script and automate the audit.

Get-DnsServerResourceRecord PowerShell Script: DNS Records Where Timestamp Is Null

<#
When working on DNS records we have to audit the orphaned static DNS entries. They carry
no timestamp, so scavenging never removes them.

Get the list and test it against the list from AD - Note: ran locally on a DC, Run as Administrator.
#>
# -RRType A limits the query to Host (A) records; a null Timestamp marks a static entry
Get-DnsServerResourceRecord -ZoneName "MyNewForest.local" -RRType A | Where-Object { $null -eq $_.Timestamp }

Get-DnsServerResourceRecord PowerShell Script: Query DNS Records for Specific Systems

<#
Had a list of old computer objects that had not checked in for over 90 days and wanted to
loop through the list and see if they existed in DNS. Since we had scavenging enabled, all of
the old records had been removed but one. For the record that was found, I checked the Timestamp
and removed it from the project.

This simply imports a list of computers and checks whether there is a Host (A) record for each in DNS.
#>

$List = Get-Content C:\temp\ServerList.txt

# Pull the zone's A records once rather than re-reading the whole zone for every name in the list
$ZoneA = Get-DnsServerResourceRecord -ZoneName "MyNewForest.local" -RRType A -ErrorAction Continue

Foreach($Comp in $List){
    # The calculated IPAddress column keeps Export-Csv from writing the RecordData type name
    $ZoneA | Where-Object { $_.HostName -eq $Comp } |
        Select-Object HostName,
                      @{ Name = 'IPAddress'; Expression = { $_.RecordData.IPv4Address } },
                      Timestamp |
        Export-Csv C:\temp\MyDNS.csv -NoTypeInformation -Append
}
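The two Get-DnsServerResourceRecord scripts above combined into the audit the section heading describes, as an added example that is not the page author's code: static A records (null Timestamp) are compared against enabled computer objects in AD, the orphans are written to a CSV, and the matching Remove-DnsServerResourceRecord call is run under -WhatIf so nothing is deleted until the list has been reviewed. The zone name comes from the page; the report path, the 90-day threshold and the report columns are my assumptions.

```powershell
<#
  Added example (not the page author's script). Assumptions: run as Administrator on a DC
  or a host with the DnsServer and ActiveDirectory modules; $ZoneName is the page's zone,
  $ReportPath and $StaleDays are placeholder values chosen here.
#>
Import-Module DnsServer, ActiveDirectory

$ZoneName   = 'MyNewForest.local'
$ReportPath = 'C:\temp\StaleStaticDNS.csv'
$StaleDays  = 90

# Enabled computer objects from AD, keyed by lower-case short name for fast lookup
$AdComputers = @{}
Get-ADComputer -Filter { Enabled -eq $true } -Properties LastLogonDate |
    ForEach-Object { $AdComputers[$_.Name.ToLower()] = $_ }

# Static A records: Timestamp is $null when the record was created by hand, so scavenging skips it.
# The zone apex ('@') is skipped because it never maps to a computer object.
$StaticA = Get-DnsServerResourceRecord -ZoneName $ZoneName -RRType A |
    Where-Object { ($null -eq $_.Timestamp) -and ($_.HostName -ne '@') }

$Report = @(foreach ($Rec in $StaticA) {
    $AdObj  = $AdComputers[$Rec.HostName.ToLower()]
    $Reason = $null
    if (-not $AdObj) { $Reason = 'NoEnabledADComputer' }
    elseif ($AdObj.LastLogonDate -lt (Get-Date).AddDays(-$StaleDays)) { $Reason = "NoLogonIn${StaleDays}Days" }

    if ($Reason) {
        [pscustomobject]@{
            HostName  = $Rec.HostName
            IPAddress = $Rec.RecordData.IPv4Address.IPAddressToString
            LastLogon = $AdObj.LastLogonDate
            Reason    = $Reason
        }
    }
})

$Report | Export-Csv -Path $ReportPath -NoTypeInformation
$Report | Format-Table -AutoSize

# Dry run of the cleanup: -WhatIf only prints what would be removed. Drop it, record by record,
# once the CSV has been reviewed and the owner has confirmed the host is really gone.
foreach ($Row in $Report) {
    Remove-DnsServerResourceRecord -ZoneName $ZoneName -RRType A -Name $Row.HostName `
        -RecordData $Row.IPAddress -Force -WhatIf
}
```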

Get-WMIObject PowerShell Script Checks for DHCP Enabled

<#
    .Summary:
        Get list of servers from AD
        Loop through servers and test access
        Use WMI to get NIC settings in relation to specific IP
        Check if that NIC with IP scheme has DHCP value enabled
        Export results to file
    .Author:   Scott Head
    .Date:     05/09/2022
    .Version:  1.0
#>

# Get all enabled Windows Server computers from AD ("Localhost" is left in for testing; swap in the AD query for a real run)
$Server_Computers="Localhost" #Get-ADComputer -Properties * -Filter {(Enabled -eq $True) -and (Operatingsystem -Like "Windows Server*")} | Select -ExpandProperty Name
# Array of reachable computers
$Array=@()
# Test network connection and keep only the hosts that answer a ping
Foreach($Computer in $Server_Computers){
    $Checker=Test-Connection $Computer -Count 1 -Quiet
    If($Checker){$Array+=$Computer}
    $Computer   # echo the name so progress is visible
}
# On each reachable host, find the NIC holding a 192.* address and report whether DHCP is enabled on it
Foreach($Comp in $Array){
    $Result=Get-WMIObject -ComputerName $Comp -Class Win32_NetworkAdapterConfiguration |
        Where-Object { $_.IPAddress -like "192.*" } |
        Select-Object -ExpandProperty DHCPEnabled
    "$Comp | $Result" | Tee-Object -FilePath C:\temp\DHCP.txt -Append
}

Get-WMIObject PowerShell Script to Gather NIC DNS Settings on All Systems and Export to CSV File

# Get list of enabled Windows computers from AD
$MyComputers = Get-ADComputer -Filter * -Properties OperatingSystem |
    Where-Object { ($_.Enabled -eq $True) -and ($_.OperatingSystem -like "Windows*") } |
    Select-Object -ExpandProperty Name

# Instantiate arrays for reachable and unreachable systems
$MyArray = @()
$MyFails = @()

# Check WinRM access to each computer by running a trivial remote command
Foreach ($Comp in $MyComputers) {
    If ((Invoke-Command -ErrorAction SilentlyContinue -ComputerName $Comp -ScriptBlock { 1 }) -eq 1) {
        $MyArray += $Comp
    }
    Else {
        $MyFails += $Comp
    }
}

# Export passed/failed lists for further review
$MyArray | Out-File C:\temp\PassedDNSSystems.txt
$MyFails | Out-File C:\temp\FailedDNSSystems.txt

# ---- Main command to be executed on each remote system ------
$MyCommand = {
    # DNS servers of every NIC that has any configured
    $MyNS = Get-WmiObject Win32_NetworkAdapterConfiguration |
        Where-Object { $null -ne $_.DNSServerSearchOrder } |
        Select-Object -ExpandProperty DNSServerSearchOrder

    # Pull DNS settings and add them to an object; -join flattens the list so
    # Export-Csv writes the addresses instead of "System.String[]"
    $Obj = New-Object PSObject
    $Obj | Add-Member NoteProperty ServerName ($env:COMPUTERNAME)
    $Obj | Add-Member NoteProperty DNS_Settings ($MyNS -join ';')
    Return $Obj
} #End Main Command

# ------ Execution & export to file ------------
$MyReturnValues = Invoke-Command -ComputerName $MyArray -ScriptBlock $MyCommand
$MyReturnValues | Select-Object ServerName, DNS_Settings | Export-Csv C:\temp\DNS.csv -NoTypeInformation -Append
