Summary

More Information

1. Self-test (check that Neverfail Engine is installed and the 3rd party tools are compatible).
2. Get machine and environment identities.
3. Get the list of Name Servers from Active Directory (if the “-ns” option is not used).
4. For each Name Server check that it is contactable.
5. For each contactable Name Server identify if it’s a Primary or Secondary (Slave) DNS.
6. For each contactable Primary DNS extract the list of zones.
7. For each IP Addresses that is to be removed:
   
   1. For each contactable Primary DNS that has a forward zone for the machine domain attempt to remove the Forward record.
   2. For each contactable Primary DNS that has a reverse zone for the machine domain attempt to remove the Reverse record.
8. For each IP Addresses that is to be added:
   
   1. For each contactable Primary DNS that has a forward zone for the machine domain attempt to add a Forward record.
   2. For each contactable Primary DNS that has a reverse zone for the machine domain attempt to add a Reverse record.
9. Update Secondary Servers.
   
   1. For each contactable Secondary DNS request a Zone Refresh.
10. Tidy up temporary storage.

User Account Requirements

Enhanced Features

1. The DNSUpdate tool can be run after initial install, as it will handle DNS configurations that have changed since then.
   
2. Multiple IP addresses can be handled at the same time using multiple “-s” and/or “-p”. 
3. The DNSUpdate.exe handles failures and continues to attempt to update the DNS servers even when a server is unavailable or when a specific zone update fails.
4. It has a self-test feature that checks that the system tools that it uses are compatible.
5. It can specify name servers (if required) rather than query Active Directory.
   

Usage

General Parameters:

-h : Displays this usage information

-v : Displays the version of this program

-selftest : Self tests the program

-d : Debug (traces the program)

-ci : Case insensitive Zone matching

-t time : Number of Seconds that the Address can be held

-r ipaddress : Remove this ipaddress

-a ipaddress : Add this ipaddress

-ns ipaddress : Update this Domain Name Server

-cc appName Domain Output : Run as if NFDNSScripter for the given App and Domain and put the script in Output

-p ipaddress : This is a Primary ipaddress

-s ipaddress : This is a Secondary ipaddress

-pri ipaddress : This is a Primary ipaddress

-sec ipaddress : This is a Secondary ipaddress

-ter ipaddress : This is a Tertiary ipaddress. Which address is removed/added is dependant on if the machine is the Primary, Secondary or Tertiary

-auto : Extract the IP addresses from Engine (only valid with Engine versions V8.0 and later)

-name compname : Name of the server

-domain domain : Domain Name

-dcretrycount count : The number of times that contact with the DC is attempted. The default is 60.

-dcretrysleep sleep : The time in milliseconds that each attempt will wait before retrying.  The default is 2000.

Return Codes:

0: Success

1: Incorrect Usage

2: Invalid Parameters

3: Self Test error

4: Fatal Windows error

6: Incompatible DNSCMD.exe

7: Engine not correctly installed

8: Invalid IP Address

9: Ran out of memory

10: No normal Zones on any DNS have had IP Address's added

11 : Domain Controller cannot be contacted

Parameter Notes:

• “-auto” This is used to instruct DNSUpdate to use the IP addresses in the registry.  With Engine V8.0 a new registry structure has been introduced that holds all the Public IP addresses, this can be used to avoid having to specify them.
• “-cc” This is used to generate a file that is the same as the one generated by the replaced NFDNSScripter utility.  The “-cc” option will not update the DNS’s, the functionality is present for two purposes; for regression testing and to enable a visual check of what NFDNSCMD instructions would be performed.
• “-ns” This is used to specify the IP Addresses of the DNS’s that are to be updated.  The “-ns” option will replace the list of Name Servers that are extracted from Active Directory.  There is no limitation as to how many times “-ns” can be specified, however 9 instances have been tested.
• “-p” This parameter is used to specify the Public IP Address of the Primary.  Up to 9 instances of this parameter have been tested.
• “-s” This parameter is used to specify the Public IP Address of the Secondary.  Up to 9 instances of this parameter have been tested.
• “-p” & “-s” These parameters are used in different ways depending on if the tool is run on the Primary or the Secondary.  When the tool is run on the primary it will remove the “-s” IP Address’s and add the “-p”, when the tool is run on the secondary it will remove the “-p” IP Address’s and add the “-s”.
• “-pri” An alternative for “-p”.
• “-sec” An alternative for “-s”.
• “-ter” This parameter is used to specify the Public IP Address of the Tertiary.
• “-t” This parameter is used to define the TTL (Time-To-Live) for any added records, the default value is 45 seconds.  This is used by other servers to time limit their cache of the record.
• “-ci” This parameter is used to allow zone/domain matching when the case is different e.g. “WAN1.qa” will normally NOT match “wan1.qa” this parameter will allow them to match.
• “-name” This is used to override the server name that is extracted from the Domain Controller.
• “-domain” This is used to override the Domain that is extracted from the Domain Controller.
• “-dcretrycount” This is used to control the number of attempts to contact the Domain Controller.  The default is 60
• -dcretrysleep” This is used to control the duration (in milliseconds) of the wait between each attempt to contact the Domain Controller.  The default is 2000 milliseconds (2 seconds).

Return Codes:

0: Success : This will be returned if there have not been any errors that will cause DNSUpdate to be unable to complete its calls of DNSCMD. If any of the DNSCMD calls fail or if there are no contactable Name Servers, the Success return code will be returned. This is intentional to allow the known situations where the DNS topology is inconsistent and/or flawed.

1: Incorrect Usage

2: Invalid Parameters

3: Self-test error

4: Fatal Windows error

6: Incompatible DNSCMD.exe

7: Engine not correctly installed

8: Invalid IP Address

9: Ran out of memory

10: No normal Zones on any DNS have had IP Address's added. This will be returned when there has been no successful attempt to update a zone (not reverse zones).

11: Domain Controller cannot be contacted  

With Neverfail Engine  V8.0 and Later

When Neverfail Engine V8.0 and later is configured for a WAN during installation, Neverfail automatically creates the required DNSUpdate tasks under the 'Tasks' tab of the Neverfail Engine Advanced Management Client. If Neverfail is initially installed in a LAN and later stretched to WAN or problems are encountered when DNSUpdate executes, the DNSUpdate tasks must be created manually. 

1. Determine detected Secondary servers using the DNSUpdate -d switch (the -d switch enables the debug mode) and look in the output for the below section:
   
        
        Update secondary DNS servers
2. If you see /zonerefresh commands on various DNS servers, you will then need to add 'Network Configuration' tasks to both servers manually. 

To create DNSUpdate tasks manually, follow these steps:

1. Launch the Neverfail Engine Advanced Management Client.
2. Click on the Application button.
3. Select the Tasks tab.
4. Click on the User Accounts button.
5. Click the Add button.
6. Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the DNS server).
7. Click Ok, and then Close.
8. Click the Add button to add a new task.
9. Provide a descriptive name for the 'Task' (i.e. DNSUpdate).
10. Select 'Network Configuration' for Task type.
11. Select either Primary or Secondary for the server the task should run on as appropriate.
12. In the Command field, enter the "dnscmd" with appropriate flags as shown below in the example.
13. In the 'Run As' field select the user appropriate user account from the drop down and then click Ok.

Note: The DNSUpdate tool will detect if it’s being run on Primary or Secondary server by checking the registry as described previously. 

Example: Dnsupdate -p <primary public IP address> -s secondary public IP address> 

To create DNSUpdate tasks manually, follow these steps:

1. Launch the Neverfail Engine Advanced Management Client.
2. Click on the Application button.
3. Select the Tasks tab.
4. Click on the User Accounts button.
5. Click the Add button.
6. Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the DNS server).
7. Click Ok, and then Close.
8. Click the Add button to add a new task.
9. Provide a descriptive name for the 'Task' (i.e. DNSUpdate).
10. Select 'Network Configuration' for Task type.
11. Select either Primary or Secondary for the server the task should run on as appropriate.
12. In the Command field, enter the "dnscmd" with appropriate flags as shown below in the example.
13. In the 'Run As' field select the user appropriate user account from the drop down and then click Ok.

Note: To simplify the DNS update process, a batch file can be created to include all dnscmd instances and then a single network configuration task can be configured to run newly created batch file.

Example: Add the following 4 commands as separate Network Configuration tasks in the sequence listed below for each detected Secondary DNS server replacing {…} with the appropriate value:

dnscmd {DNS server IP} /RecordDelete {fqdn} {netbios machine name} A {machine IP to remove} /f

dnscmd {DNS server IP} /RecordDelete {reverse zone name} {server IP truncated} PTR {fully qualified machine name} /f

dnscmd {DNS server IP} /RecordAdd {fqdn} {netbios machine name} {TTL} A {machine IP to add}

dnscmd {DNS server IP} /RecordAdd {reverse zone name} {server IP truncated} {TTL} PTR {fully qualified machine name} 

DNSCMD Calls

/RecordAdd - Used to add both Forward (A) and Reverse (PTR) records.
/RecordDelete - Used to remove both Forward (A) and Reverse (PTR) records.
/Zonerefresh - Used to instruct a Secondary (Slave) DNS to refresh its zones.
-? Used to extract the usage of DNSCMD so that its compatibility can be determined.
/EnumZones - Used to retrieve the list of zones.
/Info IsSlave - Used to identify Secondary (Slave) DNS’s.

Applies To