With DNS, backing up primary and secondary zones independent of the system state is a pretty simple process. You can use the xcopy command to back up all zone text files on a DNS server. This command would back up the contents of the default DNS folder to the "D:\backups\dns" folder:
xcopy %systemroot%\system32\dns d:\backups\dns /y
Unfortunately, the process isnt as simple for Active Directory-integrated DNS zones. For these zones, the support tool dnscmd.exe can get the job done. To back up any DNS zone with dnscmd.exe, you just need to use the /zoneexport switch with the command. To back up the MCPmag.com zone locally on a DNS server, you'd run:
dnscmd /zoneexport mcpmag.com backup\mcpmag.com.dns.bak
This command writes a copy of the mcpmag.com zone to the %systemroot%\system32\dns\
If you need to re-create a new zone from the export file, youll find that you can do this by using dnscmd.exe with the /zoneadd switch. The only catch with this approach is that if youre looking to recover an AD-integrated zone, you need to add the zone as a primary first and then convert it to AD-integrated. For example, to recover my mcpmag.com zone, I'd run:
dnscmd /zoneadd mcpmag.com /primary /file mcpmag.com.dns.bak /load
Here, note that the backup file needs to reside in the %systemroot%\system32\dns folder for it to be properly discovered. Use the /load switch to tell the command to load the configuration from the existing file. Without it, the command will create a new zone data file that will overwrite the contents of the backup file.
After adding the zone to the DNS server, you can convert it to an AD-integrated zone by running:
dnscmd /zoneresettype mcpmag.com /dsprimary
At this point, you can then enable secure dynamic updates for the zone by running:
dnscmd /config mcpmag.com /allowupdate 2
This command configures the zone to accept only secure dynamic updates, as specified by the allowupdate value of 2 (use 0 to specify No dynamic updates, 1 for nonsecure and secure dynamic updates).
Back to Deighton