I don’t often (read: ever) post about Windows, but I thought this might come in handy for a few people.
I’ve been working for a new client recently, helping out with their infrastructure. One thing the CTO really wants to do is to use BIND as a DNS server, instead of Windows. The infrastructure side of the house sees Windows as a necessary evil to keep users happy: the less reliance on it, the better.
As you can probably tell by reading my blog or by knowing anything about me, I have no issue with this position whatsoever.
Anyways, this used to be a particularly easy task: the last time I had anything to do with Windows (Server 2003, no, really) the zones were stored on disk, in a BIND-compatible format.
In the latest versions, the zones appear to be stored in Active Directory, and there are some hurdles you need to go through to export them to a usable format (the Export action in Server Manager does, quite frankly, less than diddly).
dnscmd <domain controller> /ZoneExport <name of domain> <filename>

Example:

dnscmd some-domain-controller.ad.yourdomain.biz /ZoneExport ad.yourdomain.biz ad.yourdomain.biz.txt
Like all Windows tools, dnscmd has its own particular brand of brain damage:
<filename> is not a full path, but literally just a filename that will be saved in <windows root>/<system dir>/dns. If you try to put something like C:\temp\something.txt you’ll be rewarded with nonsense like
On most systems you can find the files dnscmd produces in
You’ll be rewarded with a BIND-compatible zone export, which you can use as you like. The SRV records for an AD domain are the most important, since Windows replication and other functionality will break without them.
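Before handing the export to BIND, it is worth confirming that the SRV records actually made it into the file. The checker below is an added example, not part of the original post: the function names, the list of required owner names and the sample zone are assumptions constructed for illustration.

```python
# Added example: check a dnscmd /ZoneExport file for AD SRV records.
# Assumption: REQUIRED_SRV is a minimal, adjustable list of owner names.
REQUIRED_SRV = ("_ldap._tcp", "_kerberos._tcp", "_kerberos._udp",
                "_kpasswd._tcp", "_kpasswd._udp")

def parse_srv(zone_text, origin):
    """Return {relative owner: [(priority, weight, port, target), ...]}."""
    suffix = "." + origin.rstrip(".").lower() + "."
    records, owner = {}, "@"
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()       # drop comments
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue                               # blank, or directive ($ORIGIN is not tracked)
        if not raw[0].isspace():                   # new owner; indented lines inherit it
            owner = fields.pop(0).lower()
            if owner.endswith(suffix):             # absolute name -> relative name
                owner = owner[:-len(suffix)]
        upper = [f.upper() for f in fields]
        if "SRV" not in upper:
            continue
        rdata = fields[upper.index("SRV") + 1:]
        if len(rdata) != 4:
            raise ValueError(f"malformed SRV record for {owner}: {raw!r}")
        prio, weight, port = (int(x) for x in rdata[:3])
        records.setdefault(owner, []).append((prio, weight, port, rdata[3].lower()))
    return records

def missing_srv(records, required=REQUIRED_SRV):
    """Names from `required` that have no SRV record in the export."""
    return [name for name in required if name not in records]

# Constructed sample zone (not real dnscmd output); _kpasswd._udp is left out.
SAMPLE = """\
@                  IN  SOA dc1.ad.yourdomain.biz. hostmaster.ad.yourdomain.biz. (
                       42 ; serial number
                       900 600 86400 3600 )
dc1                A   192.0.2.10
_ldap._tcp         600 IN SRV 0 100 389 dc1.ad.yourdomain.biz.
                   600 IN SRV 0 100 389 dc2.ad.yourdomain.biz.
_kerberos._tcp.ad.yourdomain.biz. 600 SRV 0 100 88 dc1.ad.yourdomain.biz.
_kerberos._udp     600 SRV 0 100 88 dc1.ad.yourdomain.biz.
_kpasswd._tcp      600 SRV 0 100 464 dc1.ad.yourdomain.biz.
"""

if __name__ == "__main__":
    found = parse_srv(SAMPLE, "ad.yourdomain.biz")
    print("missing:", missing_srv(found))
```

Run it against the exported file's contents and the zone name; an empty "missing" list means every name in the list has at least one SRV record.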
Too bad I still have to merge two forests and rename a domain. That should be FUN CITY.