'How to change the replication scope of an Active-Directory-integrated DNS zone?

Related to this question: How to set the replication scope of an AD-Integrated DNS zone using WMI?.

I need to change (using PowerShell, so .NET, ADSI or WMI) the replication scope of an Active-Directory-integrated DNS zone, i.e. the directory partition the zone it's stored in (DomainDnsZones or ForestDnsZone).

Can this be accomplished programmatically?

.netpowershellactive-directorydnswmi


Solution 1:[1]

When either the GUI or DNSCMD is used to change the replication scope of a zone, I've observed the following process:

1) All of the DNS record objects are copied from the old location to the new location.

2) If (and only if) the copy completes successfully, the objects in the old location are deleted. I observed one case where the process was interrupted, leaving a partial copy of the zone in the new location. It caused some problems because the DNS service did not like seeing two versions of the same zone in different locations.

I'm not even sure it is that simple. For instance, are changes tracked during the copy process? My guess is no. Consider replication partners who don't know about the change yet: They will still continue to update the zone in the old partition until the DNS service detects that the zone has moved.

So, if you can use ADSI to copy all of the DNS zone objects from the old partition to the new partition, then delete the objects from the old partition, that should do the trick.

Thus, while it is possible, it is not exactly simple. Even with all the ADSI scripting I've done, I think I would still defer to DNSCMD or the GUI for this task.

Solution 2:[2]

Don't know if you can do this with WMI, but dnscmd can do it. Note that if you're doing this remotely and your DNS server is running 2k8/2k8 R2 then you need to have a Vista or later version of dnscmd in order to support the improved RPC authentication.

HOWTO for Server 2003

Server 2008 documentation of same command

Solution 3:[3]

$Zones = Get-WMIObject -Computer $ServerName -Namespace "root\MicrosoftDNS" -Class "MicrosoftDNS_Zone"

then use:

$Zones | Get-Member

and see if what you search for is there.

Solution 4:[4]

To modify scope zone to "All DNS servers in the forest" :

dnscmd /ZoneChangedirectorypartition $zone /forest

For domain:

replace /forest by /domain

and by /Legacy for : Windows 2000 capability

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Artomegus
Solution 2 Bacon Bits
Solution 3 Emiliano Poggi
Solution 4 Henry Ecker

Related Questions

detect events on powerpoint shapes from C#

detect events on powerpoint shapes from C#

What does "Beta: Use Unicode UTF-8 for worldwide language support" actually do?

What does "Beta: Use Unicode UTF-8 for worldwide language support" actually do?

Class not inheriting from object?

Class not inheriting from object?

What is a StickyLabel, and why does it sit in a ContextMenuStrip.Contols collection?

Using a BindingSource, how do I tell if I have changes pending?

Secure cookies flag always getting lost in first session after resetting IIS

Including Pictures in an Outlook Email

automapper map interface to interface or object

Union two list by property

Suggestions for designing complex LINQ code

VS 2022 - cannot change Target Platform to .Net 6.0 for a project created in VS 2019

How to programmatically derive Windows Downloads folder "%USERPROFILE%/Downloads"?