Announcement

Collapse
No announcement yet.

FQDN vs. DNS PTR Check

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • FQDN vs. DNS PTR Check

    Hi,
    I'm in a need for a small script that will do the following:

    1. The script will run locally on Machine X
    2. Find the machine FQDN
    3. Check if the FQDN is identical to the PTR in the DNS

    powershell / vb / batch ... all will be nice if they do the job


    Thanks!

  • #2
    Re: FQDN vs. DNS PTR Check

    What have you come up with so far?
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: FQDN vs. DNS PTR Check

      Maybe you can use nslookup.

      nslookup %computername%
      will return the FQDN and the <IP>

      then,
      nslookup -type=ptr <IP>
      should return the same FQDN again.

      This would be the batch
      Code:
      @echo off
      
      SetLocal ENABLEEXTENSIONS ENABLEDELAYEDEXPANSION
      
      Set "$_FQDN="
      
      for /f "skip=3 tokens=2* delims=: " %%* in ('nslookup.exe %computername%') Do (
         IF NOT DEFINED $_FQDN (Set "$_FQDN=%%*") ELSE (Set "$_IP=%%*")
      )
      
      for /f "tokens=2* delims== " %%* in ('nslookup.exe -type^=ptr %$_IP%^|Find/i "in-addr.arpa"') Do (
         IF /i [%$_FQDN%] EQU [%%*] (echo We have a match) ELSE (echo No match)
      )
      
      EndLocal
      
      pause>nul
      hope this will work for you.

      \Rems

      This posting is provided "AS IS" with no warranties, and confers no rights.

      __________________

      ** Remember to give credit where credit's due **
      and leave Reputation Points for meaningful posts

      Comment


      • #4
        Re: FQDN vs. DNS PTR Check

        Kudos Rems!
        works like a charm

        Comment


        • #5
          Re: FQDN vs. DNS PTR Check

          Thanks XtaZee!


          The results possible with a reverse dns lookup are:
          1. The computer's ip is found once and matches the fqdn. (perfect)
          2. The computer's ip address couldn't be found et all.
          3. The computer's ip is found but none of the returned fqdns or fqdn matches.
          4. Or, the computer's IP address returned one valid fqdn among other name(s).


          I modified the batch a bit, it will list any of the above results.
          Code:
          @echo off
          COLOR 9e 
          
          rem  IPCONFIG.exe /registerdns >nul
          rem  echo.wait & call:Delay 5 seconds & cls
          
          SetLocal ENABLEEXTENSIONS ENABLEDELAYEDEXPANSION
          
          Set "$_FQDN="
          
          for /f "skip=3 tokens=2* delims=: " %%* in ('nslookup.exe %computername%') Do (
             IF NOT DEFINED $_FQDN (Set "$_FQDN=%%*") ELSE (Set "$_IP=%%*")
          )
          
          TITLE This Computer: %$_FQDN%   [ IP: %$_IP% ]
          echo.
          echo.Reverse DNS lookup of this computer's IP-address
          echo.-------------------------------------------------------------------------------
          
          for /f "tokens=2* delims== " %%* in ('nslookup.exe -type^=ptr %$_IP%^|Find/i "in-addr.arpa"') Do (
             IF /i [%$_FQDN%] EQU [%%*] (echo.match =^> %%*) ELSE (echo.stale^^!^^!^^! %%*)
          )
          
          echo.&echo.&echo.&echo.-done-
          
          EndLocal
          
          pause>nul
          
          
          GoTo:EOF
          :Delay ---subroutine---
          @(ping 127.0.0.1 -n %1)>nul
          GoTo:EOF
          \Rems
          Last edited by Rems; 28th April 2008, 19:10.

          This posting is provided "AS IS" with no warranties, and confers no rights.

          __________________

          ** Remember to give credit where credit's due **
          and leave Reputation Points for meaningful posts

          Comment


          • #6
            Re: FQDN vs. DNS PTR Check

            Additionally

            If stale (ptr-) records were found, try this command line:

            Dnscmd <dnsserver> /startscavenging <zonename>

            Or, for deleting per pointer record:

            Dnscmd <dnsserver> /RecordDelete <networkid>.in-addr.arpa. <hostid> PTR <FQDN> /f

            http://technet2.microsoft.com/Window...d69f31033.mspx

            note, to execute this command you must be a domain admin.

            e.g.
            computer:
            IP address: 192.168.1.55 / 255.255.255.0
            FQDN: ws0001.domain.local (or: %computername%.%userdnsdomain% )

            dns server:
            dnsserver01 ( or, in case if is same as the DC that authenticated the computer: %logonserver% )

            Dnscmd dnsserver01 /RecordDelete 1.168.192.in-addr.arpa. 55 PTR ws0001.domain.local /f



            b.t.w. to create the ptr record, if no match was found:
            use Dnscmd with the switch /recordadd
            or use:
            IPCONFIG.exe /registerdns


            \Rems


            If you notices there is a dot after in-addr.arpa.
            This tip was shown to me by Oz Ozugurlu. Thanks.
            Last edited by Rems; 1st May 2008, 11:07. Reason: typo in example

            This posting is provided "AS IS" with no warranties, and confers no rights.

            __________________

            ** Remember to give credit where credit's due **
            and leave Reputation Points for meaningful posts

            Comment


            • #7
              Re: FQDN vs. DNS PTR Check

              10x - drinks are on me!

              Comment

              Working...
              X