How To Backup/Restore An Active Directory Integrated DNS Zone

Whenever you make a fundamental change to a DNS zone it’s a good idea to back it up, but how do you do that when your DNS is Active Directory Integrated without taking a system state backup? We’ll take a look at both AD integrated and standalone methods to get a better understanding.

Non-AD integrated (Standalone) DNS:

If you’re running standalone DNS and simply have a Primary/Secondary setup then performing this style of backup is really very simple. As standard, DNS zone file information is stored in the %systemroot%\system32\dns folder (typically C:\Windows\System32\dns). When the DNS service starts it simply loads the zones from these files; likewise, when a change is made it creates a backup and places it in the backup folder on the aforementioned path. It’s worth noting that only one backup is maintained, so if you make another change the previous backup is overwritten. If you make a sideways copy of these backups, you can keep a version as long as you need.

AD Integrated Zones:

As AD integrated zones are stored within the Active Directory, they do not have any files associated with them and therefore are not backed up to the backup directory. So how do we get it out? Using DnsCmd.exe is how!

The Microsoft example of a zone export is as follows:

dnscmd [<ServerName>] /zoneexport <ZoneName> <ZoneExportFile>

This looks great but here it is in a more useful looking format:

DnsCmd DNSserver1 /ZoneExport example.com example.com.bak

Note that the backup file you have created will land in %systemroot%\System32\dns
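
The export step above as a repeatable script, added here as an illustration and not taken from the original post or from Microsoft: it runs the same DnsCmd /ZoneExport call, checks the result, and moves it out of the dns folder with a SHA-256 hash recorded beside it. The archive path D:\DnsZoneBackups and the SHA256SUMS.txt file name are assumptions, and the script is assumed to run on the DNS server itself.

```powershell
# Added example: export an AD-integrated zone with dnscmd and keep dated copies.
# Assumptions (not from the article): the $Archive folder and SHA256SUMS.txt name.
param(
    [string]$Server  = 'DNSserver1',        # server name from the article's example
    [string]$Zone    = 'example.com',       # zone name from the article's example
    [string]$Archive = 'D:\DnsZoneBackups'  # hypothetical archive folder
)

$ErrorActionPreference = 'Stop'

# dnscmd writes the export into %systemroot%\System32\dns on the DNS server,
# so this script is meant to be run on that server.
$dnsDir     = Join-Path $env:SystemRoot 'System32\dns'
$stamp      = Get-Date -Format 'yyyyMMdd-HHmmss'
$exportName = "$Zone.$stamp.bak"
$exportPath = Join-Path $dnsDir $exportName

# A unique name per run avoids clashing with an earlier export file.
& dnscmd.exe $Server /ZoneExport $Zone $exportName | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "dnscmd /ZoneExport failed for $Zone (exit code $LASTEXITCODE)"
}

# Sanity check: the file must exist and contain an SOA record to be restorable.
if (-not (Test-Path $exportPath)) { throw "Export file not found: $exportPath" }
if (-not (Select-String -Path $exportPath -Pattern '\bSOA\b' -Quiet)) {
    throw "No SOA record in $exportPath; export looks incomplete"
}

# Sideways copy: move the export out of the dns folder into the archive.
New-Item -ItemType Directory -Path $Archive -Force | Out-Null
$dest = Join-Path $Archive $exportName
Move-Item -Path $exportPath -Destination $dest

# Record a hash so the file can be checked for corruption or tampering
# before it is ever used in a restore.
$hash = Get-FileHash -Path $dest -Algorithm SHA256
"{0}  {1}" -f $hash.Hash, $exportName |
    Add-Content -Path (Join-Path $Archive 'SHA256SUMS.txt')

Write-Output "Exported $Zone to $dest (SHA256 $($hash.Hash))"
```

The exported file holds every record in the zone, so the archive folder should be readable only by the administrators who perform restores.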

How to restore AD Integrated Zones:

Warning: You should only attempt to restore this file as a last resort, as it could impact your users, especially when allowing for replication to the DNS-holding DCs.

  • Hop onto the DNS Management Console and delete the zone
  • Rename your zone backup to have a .dns extension, in the example above this would go from example.com.bak to example.com.dns
  • Create a new zone with the FQDN of the zone you deleted, if using the New Zone Wizard be sure to uncheck the Store in Active Directory option.
  • When prompted to create a new zone file or use an existing file, choose an existing file. The wizard should automatically fill in the zone FQDN with the .dns extension; this should look the same as your renamed zone file (example.com.dns)
  • Complete the wizard
  • Check the zone information is as per the zone before the changes
  • If all is well, simply change the zone type to Active Directory Integrated.

Job done.

Backing up Zone Files in Windows Server 2008 DNS Zone

Someone asked me to re-use an old server, turning it from having a catalog installed to just hosting primary DNS zones. So before I make this Active Directory integrated DNS server just a primary or do anything worthwhile, I wanted to back up the zones. How?

First, stop the DNS service by running this command at the cmd prompt: net stop "DNS Server"

Next, just create a separate copy of the “%WinDir%\System32\dns” directory (in my case C:\Windows\System32\dns), which contains flat files (text files) of your zones. There are also some samples inside this directory, which are not required to be included.

Lastly, start the DNS service again by running: net start "DNS Server"

To restore it, just stop the DNS service, copy your backup back to the above directory, then start the DNS service again and the zones are restored :D

I found my first hint on how to do this here: http://technet.microsoft.com/en-us/library/dd392269(WS.10).aspx

 

This blog was copied from : http://johndelizo.wordpress.com/2009/08/12/backing-up-windows-server-2008-dns-zone-files/