Using PowerShell to test Active Directory-integrated DNS resolution

Anyone who has worked with Active Directory knows that AD is dependent on its associated DNS zones/records. If for some reason these stop resolving, all hell breaks loose in the environment.

To monitor that these necessary zones are resolving in DNS, I turned to PowerShell and wrote a simple script, which I run from a client machine, to test resolving the tcp, msdcs, udp, sites, domaindnszones and forestdnszones zones.

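# AD domain to test and the zone prefixes that must resolve beneath it
$Domain = 'domain.com'
$Zones = ('_tcp.','_msdcs.','_udp.','_sites.','domaindnszones.','forestdnszones.')

foreach ($Zone in $Zones)
{
    try
    {
        # -ErrorAction Stop turns a failed lookup into a terminating error for the catch block
        if (Resolve-DnsName -Name "$Zone$Domain" -ErrorAction Stop)
        {
            Write-Output "$Zone$Domain Resolved"
        }
    }
    catch
    {
        Write-Warning "$Zone$Domain not resolving"
    }
}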
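
An added example, not part of the original post, that extends the script above: it sends the same lookups to each DNS server by address, so every server is tested rather than only the one the client's resolver happens to use, and it returns objects a scheduled check can act on. The function name Test-AdDnsZone and the 192.0.2.x server addresses are assumptions for illustration.

```powershell
# Added example: hypothetical helper, not from the original post.
function Test-AdDnsZone {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Domain,
        [Parameter(Mandatory)] [string[]] $DnsServer,
        [string[]] $Zones = ('_tcp.','_msdcs.','_udp.','_sites.','domaindnszones.','forestdnszones.')
    )

    foreach ($Server in $DnsServer) {
        foreach ($Zone in $Zones) {
            $Name   = "$Zone$Domain"
            $Result = [ordered]@{
                Server   = $Server
                Name     = $Name
                Resolved = $false
                Detail   = $null
            }
            try {
                # -Server queries this DNS server directly; -DnsOnly restricts the
                # lookup to the DNS protocol; -NoHostsFile skips the local hosts file.
                $Answer = Resolve-DnsName -Name $Name -Server $Server -DnsOnly -NoHostsFile -ErrorAction Stop
                $Result.Resolved = $true
                # Record which record types came back (for example SOA)
                $Result.Detail = ($Answer | Select-Object -ExpandProperty Type -Unique) -join ','
            }
            catch {
                # Keep the resolver's error text so the failure can be triaged
                $Result.Detail = $_.Exception.Message
            }
            [pscustomobject]$Result
        }
    }
}

# Constructed sample values: replace with your domain and DNS server addresses
$Results = Test-AdDnsZone -Domain 'domain.com' -DnsServer '192.0.2.10','192.0.2.11'
$Results | Format-Table -AutoSize

# Non-zero exit code lets a scheduler or monitoring agent flag the run
# (use this part when the code is saved and run as a script file)
$Failed = @($Results | Where-Object { -not $_.Resolved })
if ($Failed.Count -gt 0) {
    Write-Warning "$($Failed.Count) lookup(s) failed"
    exit 1
}
```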
