Mark Minasi's Windows Networking Tech Page
Issue #69 Late March 2008

Document copyright 2008 Mark Minasi; please see below for info on subscribing, unsubscribing or copying portions of this text.

What's Inside

  • News
    • New Installing, Managing and Troubleshooting Windows Server 2008 seminar is coming to Chicago THIS THURSDAY
    • Download My "What's New in Vista SP1" PowerPoint
  • Tech Section
    • DNS Cheat Sheet
  • Conferences
  • Bring a Seminar to Your Site
  • Special Discount for European On-Site Clients
  • To Subscribe, Unsubscribe, Read Old Newsletters or Change Your Email Address


Hi all —

I just finished the DNS chapter in the first of my three books on Server 2008.  Included in that chapter is a handy-dandy command line reference to DNS, (nearly) everything you need to run your DNS server (whether 2000, 2003 or 2008) from the command line.  I thought I’d share it with you, so please give it a look.

But first, a word from our sponsor...

New Installing, Managing and Troubleshooting Windows Server 2008 seminar is coming to Chicago THIS THURSDAY

After a five year wait, Microsoft released Windows Server 2008 on 27 February 2008.  It's the biggest version of Server ever (which, I realize, is pretty much "by definition" for any new version of Server, granted) and it brings lots of changes... so it's time to learn about it!   Whether you intend to roll out Server 2008 immediately or in three years, you need to know exactly what benefits, challenges, and opportunities this latest version of Server offers.  You could download a small mountain of white papers (mostly written based on Beta 3 and thus are only partially correct), and spend a few weeks testing it to discover the hundreds of changes that 2008 brings... or you could come spend a couple of days with me.  I'll tell you and show you what's changed from Server 2003 to Server 2008 — the good, the bad, the wonderful and the awful ... with a chuckle or two thrown in.  I'll be in the Chicago (near O'Hare) March 27 and 28, and we just barely have room for a few more.  You can get all the scoop at   I hope to see some of you there!

Download My "What's New in Vista SP1" PowerPoint

I realize that I'm one of only about 17 people in the world using Vista (well, okay, maybe it's 19), but if you're interested in learning what Vista's new SP1 brings, I've summarized it in a PowerPoint I'll be presenting a few times this year.  You're welcome to take a sneak peek at the presentation by downloading it at  (And besides, I can always use the feedback.)

Tech Section: DNS Command-Line Cheat Sheet

I just finished the first DNS chapter in my Elements book, the first of my three-book series on Server 2008. I always love talking about DNS -- it’s a fun topic -- but this particular chapter was a joy to write because I mostly threw away the old chapter and wrote an all-new one.  In the process, I got a chance to include a lot of coverage of command-line support, now that Microsoft’s gotten serious about letting us do more and more with the command line. It dawned on me, however, that people wanting to refer to my command-line coverage in the chapter might not want to have to look through 100 pages of text, and so I collected all of the CLI DNS commands that I used throughout the chapter into a sort of “DNS cheat sheet.”

It’ll be months before the book arrives, though, and so I thought I’d post this on my site in the hopes that it’ll be of use to someone.


DNSCMD option



Do any dnscmd command on a remote system

dnscmd servername command

dnscmd /zoneprint


Create a primary zone

dnscmd /zoneadd zonename /primary

dnscmd /zoneadd /primary


Create a secondary zone

dnscmd /zoneadd zonename /secondary master IP address

dnscmd /zoneadd /secondary


Host a zone on a server based on an existing (perhaps restored) zone file

dnscmd /zoneadd zonename /primary /file filename /load

dnscmd /zoneadd /primary /file /load


Delete a zone from a server

dnscmd /zonedelete zonename [/f]

dnscmd /zonedelete /f

(without the /f, dnscmd asks you if you really want to delete the zone)

Show all of the zones on a DNS server

dnscmd /enumzones

dnscmd /enumzones


Dump (almost) all of the records in a zone

dnscmd /zoneprint zonename

dnscmd /zoneprint

Doesn’t show glue records.

Add an A record to a zone

dnscmd /recordadd zonename hostname A ipaddress

dnscmd /recordadd mypc A


Add an NS record to a zone

dnscmd /recordadd zonename @ NS servername

dnscmd /recordadd @  A


Delegate a new child domain, naming its first DNS server

dnscmd /recordadd zonename childname NS dnsservername

dnscmd /recordadd test NS

This would create the “” DNS child domain unter the DNS domain

Add an MX record to a zone

dnscmd /recordadd zonename @ MX priority servername

dnscmd /recordadd @ MX 10


Add a PTR record to a reverse lookup zone

dnscmd /recordadd zonename lowIP PTR FQDN

dnscmd /recordadd 3 A

This is the PTR record for a system with IP address

Modify a zone’s SOA record

dnscmd /recordadd zonename @ SOA primaryDNSservername responsibleemailipaddress serialnumber refreshinterval retryinterval expireinterval defaultTTL

dnscmd /recordadd @ SOA 41 1800 60 2592000 7200

Ignores the serial number if it’s not greater than the current serial number

Delete a resource record

dnscmd /recorddelete zonename recordinfo [/f]

dnscmd /recorddelete @ NS /f

Again, “/f” means “don’t annoy me with a confirmation request, just do it.”

Create a resource record and incorporate a nonstandard TTL

dnscmd /recordadd zonename leftmostpartofrecord TTL restofrecord

dnscmd /recordadd pc34 3200 A


Reload a zone from its zone file in \windows\system32\dns

dnscmd /zonereload zonename

dnscmd /zonereload

Really only useful on primary DNS servers

Force DNS server to flush DNS data to zone file

dnscmd /zonewriteback zonename

dnscmd /zonewriteback


Tell a primary whom to allow zone transfers to

dnscmd /zoneresetsecondaries zonename /nonsecure|securens

dnscmd /zoneresetsecondaries /nonsecure

That example says to allow anyone who asks to get a zone transfer

Enable/disable DNS NOTIFY

dnscmd /zoneresetsecondaries zonename /notify|/nonotify

dnscmd /zoneresetsecondaries /nonotify

Example disables DNS notification, which is contrary to the default settings.

Tell a secondary DNS server to request any updates from the primary

dnscmd /zonerefresh zonename

dnscmd /zonerefresh


Enable or disable dynamic DNS on a zone

dnscmd /config zonename /allowupdate 1|0

1 enables, 0 disables, 0 is default


Stop the DNS service

Either net stop dns or sc stop dns


(No dnscmd command for this)

Start the DNS service

Either net start dns or sc start dns


(No dnscmd command for this)

Install the DNS service on a 2008 full install system

servermanagercmd -install dns



Install the DNS service on a 2008 Server Core system

ocsetup DNS-Server-Core-Role


Case matters -- ocsetup dns-server-core-role would fail

Uninstall the DNS service on a 2008 Server full install system

servermanagercmd -remove dns



Uninstall the DNS service on a 2008 Server Core system

ocsetup /uninstall DNS-Server-Core-Role





I'm speaking at lots of conferences this spring and if you can't make to my March seminars, please join me at...

The Minasi Forum Meet 2008 in Virginia Beach April 19-23

If you read this newsletter then you probably already know that I've run an online forum at for the past five and a half years, and if you ever hang around the forum then you know that there are a lot of friendly and helpful people there.  For the third time in as many years, we're all getting together to learn from each other, put faces to those online names and have another great time.  This year we've got some great guest speakers, including group policy guru Jeremy Moskowitz, PowerShell maven Don Jones, our own deployment diva Rhonda Layfield, Mr. Cisco himself (Todd Lammle), and a bunch of other great speakers covering a variety of topics that may surprise you.  Find out more at; I hope to see you there.

TechTarget Vista Road Shows in Chicago, Denver, Raleigh, DC and Minneapolis

TechTarget has been kind enough to ask me back for some more of the one-day Vista road shows that have packed 'em in since Spring 2007.  The next few cities are Chicago, Denver, Raleigh, DC and Minneapolis in March, April, May, August and September.  It's free so how can you go wrong ... unless you don't sign up before all of the seats are gone?  More info at

TechMentor In San Francisco, Orlando, New York and Las Vegas

If you're looking for a Windows technical conference then you'll have plenty to choose from this year, as the TechMentor folks will be running four shows this year:  San Francisco on the week of March 30, Orlando on the week of May 12, New York (Brooklyn, actually) the week of 7 September, and Vegas on the week of 13 October.  I'm doing a bunch of new breakout sessions, some content on Server 2008 (of course) and more.  Info at

Windows Connections in Orlando the Week of 27 April

If it's spring, we must be in Orlando!  Once again, Penton — the folks who put out the magazine that I write for — has assembled their "mega-show" that co-locates their techie shows on Windows, Exchange, SharePoint, SQL, and all kinds of developer stuff, all in the same week.  The show is in the Hyatt Grand Cypress, the place they've run it the past few years and not a bad location.  I'll be keynoting and presenting technical sessions, including my new "What's IPv6 all about and why do you care?" talk.  Information at

The Netherlands in May!

I'll be visiting our Dutch friends in late May to do a short keynote and my two-day Server 2008 seminar (in English -- my Dutch doesn't extend very far past that variety of chocolate, unfortunately).  Visit for more information.

TechEd US Orlando 10-13 June

Microsoft gave me six talks this year at the "IT Pro" part of TechEd US 2008, so you know I'm looking forward to it! If you'll be at TechEd 2008, please come by for one or all of my talks.  I'm doing

  • Understanding IPv6:  A Guide for the Reluctant
  • CompletePC, Inside Out:  Using Vista and 2008's Disaster Recovery Tool
  • Windows Logons Revealed:  Everything You Must Know About Kerberos
  • Vista's SP1, from A to Z
  • Going Cold Turkey on the GUI:  Server Core Step By Step
  • DNS 2008 Style: Name Resolution with Server 2008

Bring Mark to Your Site to Teach

I'm keeping busy doing Vista seminars and writing, but I've still got time to visit your firm.  In just two days, I'll make your current NT techies into 2008, Vista, security, XP, Active Directory or 2003 experts.  (And better yet, they won't have to sit through any Redmondian propaganda.)  To join the large educational, pharmaceutical, agricultural, aerospace, utility, banking, government, telecommunication, law enforcement, publishing, transportation, military and other organizations that I've assisted, either take a peek at the course outlines at, mail our assistant Jean Snead at, or call her at (757) 426-1431 (only between noon-5 Eastern time, weekdays, please).

Special European Discount for On-Site Clients!

Well, sort of,.  Since the dollar's currently so weak against the euro, why not hire me now, before things change?<g>

Until Next Month...

Have a quiet and safe month. 

Please share this newsletter; I hope that it is a useful source of Windows technical information.  Please forward it to any associates who might find it helpful, and accept my thanks.  We are now at over 45,000 subscribers and I hope to use this to get information to every one of my readers. Many, many thanks to the readers who have mailed me to offer suggestions, errata, and those kind reviews.  As always, I'm at and please join us at the Forum with technical questions at  Thanks for letting me visit with you, and take care. 

To Subscribe/Unsubscribe, Read Old Newsletters or Change Your Email Address

To subscribe, visit To change e-mail or other info, link to  To unsubscribe, link to Visit the Archives at Please do not reply to this mail; for comments, please link to

All contents copyright 2008 Mark Minasi. You are encouraged to quote this material, SO LONG as you include this entire document; thanks.