To make it a bit more scientific than "close your eyes and click OK", here is a couple of lines of PS which can help you identify all records from a DNS zone which would be deleted based on your thresholds.
- Set parameters, DNS server name, the DNS zone and the age threshold which specifies how many days older records should be deleted. Scavenging has a 7 + 7 days "No-refresh" + "Refresh" interval, so records older than 14 days will potentially be deleted when scavenging process runs:
 #set parameters
 $server = "c3podc1"
 $domain = "tatooine.com"
 $agetreshold = 14
- Threshold in hours from Microsoft's beginning of time definition (1st Jan 1601):
 # calculate how many hours is the age which will be the threshold
 $minimumTimeStamp = [int] (New-TimeSpan -Start $(Get-Date ("01/01/1601 00:00")) -End $((Get-Date).AddDays(-$agetreshold))).TotalHours
 
- Enumerate all records older than the time threshold
 # get all records from the zone whose age is more than our threshold $records = Get-WmiObject -ComputerName $dnsServer -Namespace "root\MicrosoftDNS" -Query "select * from MicrosoftDNS_AType where Containername='$domain' AND TimeStamp<$minimumTimeStamp AND TimeStamp<>0 "
 
- List the records and the time stamps
 # list the name and the calculated last update time stamp
 $records | Select Ownername, @{n="timestamp";e={([datetime]"1.1.1601").AddHours($_.Timestamp)}}
The full script:
 #set parameters  
 $dnsServer = "c3podc1"  
 $domain = "tatooine.com"  
 $agetreshold = 14  
   
 # calculate how many hours is the age which will be the threshold  
 $minimumTimeStamp = [int] (New-TimeSpan -Start $(Get-Date ("01/01/1601 00:00")) -End $((Get-Date).AddDays(-$agetreshold))).TotalHours  
   
 # get all records from the zone whose age is more than our threshold   
 $records = Get-WmiObject -ComputerName $dnsServer -Namespace "root\MicrosoftDNS" -Query "select * from MicrosoftDNS_AType where Containername='$domain' AND TimeStamp<$minimumTimeStamp AND TimeStamp<>0 "  
   
 # list the name and the calculated last update time stamp  
 $records | Select Ownername, @{n="timestamp";e={([datetime]"1.1.1601").AddHours($_.Timestamp)}}  
   
t
 
$dnsserver = "c3podc1" <- Correction - change the variable name so it matches the command
ReplyDeletegood catch!
DeleteThanks for this. I didn't have to reinvent the wheel. There is an small error in the code: $server should be $dnsServer, otherwise runs perfectly.
ReplyDeletewell done on finding this bug :) thanks!
Deleteis domain the same as dnszone? I do not get any output from my other zones
ReplyDeleteis domain the same as dnszone? I do not get any output from my other zones
ReplyDeleteis domain the same as dnszone? I do not get any output from my other zones
ReplyDeleteIS domain the same as dnszone?
ReplyDeleteyes, in the example it is, but it can be separated if needed, just make sure you have the right level of access to the DNS servers (or the DCs if they are the ones running the zone.)
DeleteWhat command can i run to put the output to a .csv file
DeleteGood stuff.. Now just need to expand it to email and also tell us when the next scavenging cycle will run.. I'll work on that and post back if I figure it out..
ReplyDeleteThanks for this post. It'll certainly help me.
ReplyDeleteBr,