Configuring Zone Transfers using DNSCMD

If your DNS server is running Windows Server Core, you can configure zone transfers on your DNS server from the command-line by using the DNSCMD command. AD DS–integrated zones store their DNS information in AD DS and replicate this information between domain controllers by using AD DS directory replication. Standard zones store their information in zone files and replicate this information between DNS servers by a process called a zone transfer. When a zone transfer occurs, a primary DNS server for the zone provides the zone information for the secondary DNS server. In this situation, the primary DNS server is called the master DNS server for the zone.

The master server is specified when you create a secondary zone. However, you can specify a different master server afterwards by using Dnscmd. For example, if you are changing the master DNS server for the hr.fabrikam.com zone from SEA-SC2 (172.16.11.31) to SEA-SC4 (172.16.11.33), then you can use the following command to configure the new master on SEA-SC1 (the secondary DNS server for the zone):

dnscmd SEA-SC1 /zoneresetmasters hr.fabrikam.com 172.16.11.33 

Before the secondary DNS server can load the zone information from the master DNS server for the zone, you must configure the master server to allow zone transfers with the secondary server. For example, to configure SEA-SC4 as the master server for the hr.fabrikam.com zone so that it allows zone transfers only to SEA-SC1 (the secondary server for the zone), do this:

dnscmd SEA-SC4 /zoneresetsecondaries hr.fabrikam.com /securelist 172.16.11.30

Zone transfers take place automatically according to their default schedule, but you can also use Dnscmd to force a secondary server to initiate a zone
transfer with its master server. For example, to force SEA-SC1 (the secondary server for the hr.fabrikam.com zone) to update its zone information from SEA-SC4 (the master server for the zone), do this:

dnscmd SEA-SC1 /zonerefresh hr.fabrikam.com

For more information on managing DNS servers running on Windows Server Core, see my book Windows Server 2008 Server Core Administrator's Pocket Consultant from Microsoft Press.

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top