Script to query a recursive DNS record

-I wrote this script around the following command:
“nslookup -debug server1.devcorp.com”
-The above command will display all the servers involved in resolving the DNS name in a recursive domain.
-What the script does is cleans up the output to only show you the actual servers involved in the DNS name resolution
-Once the output is cleaned up, the script will try to resolve the DNS name against each server on the list and will show you whether this particular DNS server is able to resolve the name or not then moves onto the next server on the list.
“nslookup server1.devcorp.com dns_server1.devcorp.com”
See screenshot below.

The script is useful to:
-Find a DNS server that is caching the DNS name after deleting a record
-Replication issues between DNS servers
-Find out which server has resolved the name and which one did not
-I ran it on an A record that was being resolved by our infoblox DNS server completely outside of our domain and it pointed me to the actual server where the DNS record lived. This allowed me to make update the IP.
-There are other uses for it that i haven’t run into yet

Download link: dnslookuptool.ps1

Here is what the script looks like:

<#  
.SYNOPSIS  
Gets a list of all DNS servers involved in a recursive DNS query, then queries against individual DNS Servers in a recoursive DNS domain  
.DESCRIPTION
-The following command is exported to a text file 'nslookup -debug myserver.mylab.local'
-The text file is then scraped to extract only the following text 'primary name server = dc01.mylab.local'
-The text file is then scraped again to remove empty spaces
-The text file is then scraped again to remove the first 22 characters leaving only the FQDN DNS server name
-The script gathers all the DNS servers involved in the DNS query
-The script resolves a DNS query individually against each DNS server and prints it to the screen 'nslookup dnsname dns01.mylab.local'
-Useful to locate a DNS entry in a recursive DNS environment
-Useful to find a cached DNS entry on a specific server after deleting a DNS record
-Useful to find which server is able to resolve a DNS entry
-Useful to find which server is NOT able to resolve a DNS entry
.NOTES  
File Name  : dnslookuptool.ps1  
Author     : Damian Dubik
Requires   : PS {1.0, 2.0, 3.0, 4.0...}	
Date       : Jan 9, 2019
.LINK  

#>
#The script creates the following files in the same directory where the script is run from
#.\dnslookuptool_dump.txt    <--Dump the output from the following command to a file 'nslookup -debug dns01.mylab.local'
#.\dnslookuptool_scrape1.txt <--Scrape the dump file and copy all lines that contain 'primary name server = dns01.mylab.local'
#.\dnslookuptool_scrape2.txt <--Scrape the file and remove blank lines
#.\dnslookuptool_scrape3.txt <--Scrape the file and remove the first 22 characters 'primary name server = dns01.mylab.local'
#At the end of the script the following command is run to execute an nslookup against a specific server 'nslookup server1.mylab.local dns01.mylab.local'

#Begin Clean up, If the file exists delete it
$FileName1 = ".\dnslookuptool_dump.txt"
if (Test-Path $FileName1) 
{
	Remove-Item $FileName1
}
$FileName2 = ".\dnslookuptool_scrape1.txt"
if (Test-Path $FileName2) 
{
	Remove-Item $FileName2
}
$FileName3 = ".\dnslookuptool_scrape2.txt"
if (Test-Path $FileName3) 
{
	Remove-Item $FileName3
}
$FileName4 = ".\dnslookuptool_scrape3.txt"
if (Test-Path $FileName4) 
{
	Remove-Item $FileName4
}
#End Clean up
#Begin prompt for DNS name
Write-host ""
$dnsName = Read-Host -Prompt 'Enter DNS Name' #prompts for DNS name
Write-host ""
#End prompt for DNS name
#Begin Dump the ouput of 'nslookup -debug servername' to a file
nslookup -debug $dnsName > .\dnslookuptool_dump.txt  #dump the output from the following command to a file 'nslookup -debug server1.mylab.local'
#End Dump the output
#Begin Scraping the dump file to extract DNS server names
$Hostname = Get-Content .\dnslookuptool_dump.txt | Select-String -pattern "primary name server" #Extract every line that matches the pattern
echo $Hostname >> .\dnslookuptool_scrape1.txt
$HostnameNoEmptyLines = Get-Content .\dnslookuptool_scrape1.txt | ? {$_.trim() -ne "" } #scrape some more, remove empty lines
$HostnameNoEmptyLines > .\dnslookuptool_scrape1.txt
Get-Content .\dnslookuptool_scrape1.txt | Get-Unique > .\dnslookuptool_scrape2.txt #scrape some more, remove duplicate dns server names
$dnsservers = Get-Content -Path .\dnslookuptool_scrape2.txt -TotalCount 99 | ForEach-Object {$_.substring(23)} #final scrape, remove the first 22 characters 'primary name server = '
echo $dnsservers > .\dnslookuptool_scrape3.txt
#End Scraping the dump file, all the FQDN DNS names are in 'dnslookuptool_scrape3.txt'
Write-host ""
Write-host "Getting a list of all recursive DNS servers" -ForegroundColor black -BackgroundColor green
Write-host ""
#Starting a dotted progress bar to pause screen before printing a list of DNS servers
For ($i=0; $i -le 6; $i++) {
	Start-sleep -m 500
	Write-host "." -nonewline
	Start-sleep -m 500
}
Write-host " OK" -nonewline
#End dotted progress bar
Write-host ""
Write-host ""
Write-host "DNS Servers involved as seen in 'nslookup -debug $dnsname'" -ForegroundColor black -BackgroundColor green
#Output all the DNS involved in the DNS resolution to screen
Write-Host ""
Get-Content .\dnslookuptool_scrape3.txt | foreach {Write-Output $_} 
Write-Host "The above DNS server was queried last in an attempt to resolve the name " -nonewline -ForegroundColor black -BackgroundColor white
Write-host ""
Write-host ""
Write-host "Preparing to resolve DNS name against each server" 									   -ForegroundColor black -BackgroundColor green
Write-host "  -Useful to locate a DNS entry in a recursive DNS environment                       " -ForegroundColor black -BackgroundColor green
Write-host "  -Useful to find a cached DNS entry on a specific server after deleting a DNS record" -ForegroundColor black -BackgroundColor green
Write-host "  -Useful to find which server is able to resolve a DNS entry                        " -ForegroundColor black -BackgroundColor green
Write-host "  -Useful to find which server is NOT able to resolve a DNS entry                    " -ForegroundColor black -BackgroundColor green
Write-host ""
#Start a dotted progress bar, show a dot every half a second for 30 seconds, thi is used to pause the screen
For ($i=0; $i -le 20; $i++) {
	Start-sleep -m 500
	Write-host "." -nonewline
	Start-sleep -m 500
}
Write-host " OK" -nonewline
#End of dotted progress bar
Write-host ""
Write-host ""
Start-sleep -s 4
Write-host "---------------------Begin DNS lookup against each DNS server--------------------" -ForegroundColor black -BackgroundColor cyan
#Begin Read the DNS server name from the 'dnslookuptool_scrape3.txt' file line by line and use the DNS server name from prompt to run nslookup against a specific DNS server
ForEach ($targetComputer in (Get-Content .\dnslookuptool_scrape3.txt)) { #
	Write-host "C:\nslookup $dnsName "$targetComputer
	Write-host $dnsName
	nslookup $dnsName $targetComputer
	Write-host "-------------------------------Next DNS Server-------------------------------" -ForegroundColor black -BackgroundColor cyan
	Start-sleep -s 2
}
#End Read the DNS server name from the 'dnslookuptool_scrape3.txt'
#Begin Clean up, If the file exists delete it.  Clean up after itself
$FileName1 = ".\dnslookuptool_dump.txt"
if (Test-Path $FileName1) 
{
	Remove-Item $FileName1
}
$FileName2 = ".\dnslookuptool_scrape1.txt"
if (Test-Path $FileName2) 
{
	Remove-Item $FileName2
}
$FileName3 = ".\dnslookuptool_scrape2.txt"
if (Test-Path $FileName3) 
{
	Remove-Item $FileName3
}
$FileName4 = ".\dnslookuptool_scrape3.txt"
if (Test-Path $FileName4) 
{
	Remove-Item $FileName4
}
#End Clean up
This entry was posted in Scripting. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *