This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 12%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Hi all,
We have many reverse lookup zones in our AD integrated zone of our domain mydomain.local.
How to retrieve all PTR records for each reverse lookup zones through script?
Unfortunately I don't have much knowledge of how to create Powershell script, so I hope someone has an example
for me similar to this that I can reuse.
Thank you!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 74%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Like this: Get-DnsServerResourceRecord -ZoneName "reverse-lookup-zone-name"
thanks. if I retrieve PTR records from the csv file with server name and IP address, can you share as checking each rerecord to reverse lookup zones is time consuming? thank you!
Can you supply the contents of a few lines of that CSV?
If you have IP addresses like "192.168.1.240" and the DNS zones are "1.168.192.in-addr.arpa" , "2.168.192.in-addr.arpa", "3.168.192.in-addr.arpa", etc. Then something like this would work:
$IP = '192.168.1.240'
$name = ($IP -split "\.")[3]
$zonename = "{0}.in-addr.arpa" -f (($IP -split "\.")[2,1,0] -join ".")
Get-DNSServerResourceRecord -ComputerName YOUR-DNS-SERVER-NAME -name $name -zonename $zonename -RRType PTR
This assumes that the reverse lookup zones are class "C" where only one octet represents the host and three octets represent the network. How YOUR DNS is managing zones only you know (so far).
@Rich Matheisen thank you for taking time to help. yes. we do have the class C. The CSV file has the last octet of IP, reverse zone and host name. tried to report PTR info group by zoneinfo from the CSV. Can you help? Thank you!
When dealing with PTR records, the HOST is that part of the IP address that uniquely identifies the PTR record within the zone. The name in the PTR record (while it's usually a DNS name) doesn't necessarily refer to an A (or any other type of DNS record). There's nothin in DNS that states, for instance, that an A or AAAA record has to have an associated PTR record, or that a PTR record has to represent the DNS name of any other record in your (or any) DNS servers forward lookup zones.
Given that, this will attempt to find a PTR record given the data in the CSV:
# CSV has these columns: Host, ZoneName, Data
Import-CSV YOUR-CSV-NAME-GOES-HERE |
ForEach-Object{
Get-DNSServerResourceRecord -ComputerName YOUR-DNS-SERVER-NAME -name $_.Host -zonename $_.ZoneName -RRType PTR
}
Note that there's no error handling, and that I have no idea what you want to do with the information in the PTR if one is found.
I tried to find out which PTR record is not static from the CSV file mentioned. after selecting and outputting to the report, I got the following which still missed reverse zoneinfo. any better way to find out which PTR record is not static from the CSV file mentioned? thank you!!!
hostname timestamp RecordData
60 5/23/2022 0:00 server1.test.local
You said the CSV has the zone name. If you need that in the output then pipe the output from Get-DNSServerResourceRecord to Select-Object with HostName, TimeStamp, RecordData, and a calculated property that uses $_.ZoneName as its value and a name/label like 'ZoneName'.
sorry for a while. tested out with a calculated property mentioned, returned empty results. Thanks
Give this a try -- NOTE: it must be "Run as administrator". Also, it works only with AD-integrated DNS zones:
$Zone = "1.168.192.in-addr.arpa"
$DnsServer = (Get-ADDomain).ReplicaDirectoryServers[0]
$DnsRecordQueryParams = @{
'Computername' = $DnsServer
'Class' = 'MicrosoftDNS_PTRType'
'Namespace' = 'root\MicrosoftDNS'
'Filter' = "ContainerName = '$Zone' AND OwnerName <> '$Zone'" # AND Timestamp <> 0 <=== add this if you want only dynamic records
}
Get-WmiObject @DnsRecordQueryParams |
ForEach-Object {
$parts = $_.Textrepresentation -split " "
$reverse = $parts[0] -replace '\.in-addr\.arpa', ""
$ipparts = $reverse -split "\." # IPv4 ONLY!!!!!
$ip = $ipparts[(($ipparts.count - 1)..0)]
[PSCustomObject]@{
'DnsServerName' = $DnsServer
'Zone' = $_.DomainName
'Host' = $ipparts[0]
'Name' = $_.RecordData
'Type' = if ($_.timestamp -gt 0) { 'Dynamic' } else { 'Static' }
'IP' = ($ip -join ".")
}
}
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 8%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHS%3C/text%3E%3C/svg%3E)
Awesome script works great, saved me a lot of time. Thanks !!