Monday, November 11, 2013

Hello Resolve-DnsName, Goodbye NSLookup

For several decades, I’ve used the NSLookup.exe command in DOS and Windows as a way of doing DNS troubleshooting. At one time, I needed it to verify basic domain lookup configuration, but Windows DNS makes it pretty simple to set domains up correctly. More recently, with products such as Lync, there is a need to have other DNS records validated, particularly SRV records that enable client auto-login etc.

NSLookup is not bad – in a former life I actually read bits of the code. It’s a tool I know how to use, and like I tell my PowerShell class, if it isn't broken, don’t fix it. Fair enough, I suppose, but It’s not really very PowerShell friendly.

As part of preparing my next Pluralsight Course, managing DNS with PowerShell, I’ve been playing with some of the new DNS Client cmdlets that come, in specific, for Server 2012 R2. One useful cmdlet is Resolve-DNSName.

Resolve-DNSName does pretty much exactly what NSLookup did, direct from the command line, plus a bit more. The cmdlet, unlike NSLookup, is able to make use of LLMNR, NetBIOS (or not) and can turnoff recursion in answering a query.

Here is some sample output:

PS C:> Resolve-DnsName -type all

Name           Type TTL  Section    IPAddress
----           ---- ---  -------    ---------     A    600  Answer

Name      :
QueryType : NS
TTL       : 3600
Section   : Answer
NameHost  :

Name                   :
QueryType              : SOA
TTL                    : 3600
Section                : Answer
NameAdministrator      :
SerialNumber           : 26
TimeToZoneRefresh      : 900
TimeToZoneFailureRetry : 600
TimeToExpiration       : 86400
DefaultTTL             : 3600 A    3600 Additional

[Srv1]: PS C:> Resolve-DnsName -Name

Name            Type TTL  Section IPAddress
----            ---- ---  ------- --------- A    1200 Answer

There are also switches for turning on or not DNSSec and EDNS, and can request any/all, or specific RR types. Long live Resolve-DNSName!

Technorati Tags: ,,


john_connett said...

I'm experiencing an unusual problem with Resolve-DnsName demonstrated by the following:

PS C:\Users\Administrator.PORTAL> Resolve-DnsName -Type All -Name
Name Type TTL Section IPAddress
---- ---- --- ------- --------- A 2011 Answer
PS C:\Users\Administrator.PORTAL> Resolve-DnsName -Type A -Name
Name Type TTL Section IPAddress
---- ---- --- ------- --------- A 1200 Question
PS C:\Users\Administrator.PORTAL> Resolve-DnsName -Type A -Name -DnsOnly
Name Type TTL Section IPAddress
---- ---- --- ------- --------- A 1953 Answer
PS C:\Users\Administrator.PORTAL>

I would expect "-Type All" and "- Type A" to return the same A resource record but they don't. I'm also puzzled by the "Question" section.

Any idea what is going on?

Roman Revell said...

Never quite how you want it... I notice that they also left out a way to see what server or other name source is being queried. Sometimes that can help with troubleshooting. I can specify my default server that nslookup uses and not resolve a name with resolve-dnsname, but then if I don't specify anything, it resolves the name. Confusing.