Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

Live Chat

How to audit DNS servers using Windows PowerShell and ADAudit Plus

The DNS server is the mainstay of any network. Any tampering with the DNS server could paralyze the company network as the servers may become unreachable. However, the worst-case scenario would be the network data being compromised. Attacks such as DNS cache poisoning redirects the DNS searches to fraudulent websites which could then fool the user into giving up network information such as password credentials. This can thoroughly compromise the integrity of your network. Therefore, DNS server monitoring counts among one of the top auditing priorities for a network administrator.

Monitoring DNS server in native AD can be done using Windows PowerShell. However, this involves writing multiple scripts to piece the information together. ADAudit Plus, on the other hand has multiple pre-packaged DNS server reports. It will also use the behavioral analytics function to alert the administrator if an unexpected change is detected in connection to the DNS server.

Here is a comparison on auditing the DNS server using Windows PowerShell and ADAudit Plus.

Using Windows PowerShell

  • Identify the DNS server from which you need the information.
  • Decide on the parameters to be included in the script. This helps filter the resulting report. For example, the parameter ComputerName helps narrow down the query to specific servers.
  • Write the code.
  • Compile the script.
  • Execute it in PowerShell.
  • You can export the resulting report in CSV format by adding the Export-CSV command at the end of the script.
  • The script will have to be modified accordingly if it needs to be exported in a different format.

Here is a sample script

Get-DnsServerDiagnostics|Export-Csv -Path "C:\NewFolder\DnsServerDiagnostics.csv" -NoTypeInformation
 Copied
Click to copy entire script

Here is a sample output:

powershell-get-dns-server-diagnostics-1

This script will list all the diagnostic and logging parameters and this will help administrators know which parameters are enabled and disabled.They can then use this information to modify the parameters by using another PowerShell cmdlet.

Using ADAudit Plus

  • In the ADAudit Plus console, click on the Reports tab, navigate to DNS Changes to view reports on the different events associated with the DNS server such as the modified DNS zones, permission changes and so on.
  • Select the relevant domain and OU.
  • Click Export to export the report in any of the different formats listed (CSV, PDF, HTML, CSVDE, XLSX).

Here is a sample report on permission changes in the DNS server:

powershell-get-dns-server-diagnostics-2

This report presents all the permission changes associated with the DNS server that have been made in the time frame chosen. It provides the who, when, where and what of the changes made. This will help administrators trace the source of any unexpected change in permissions, that could be a potential security risk.

The disadvantages of using PowerShell to monitor the DNS server:

  • There is no one script that will help monitor the server. Multiple scripts become necessary.
  • Any report produced in PowerShell will face format constrictions as exporting the report in any other format would require modification of the script.
  • The script can only be run on the server which has the DNS role installed in it.
  • It's hard to filter information in PowerShell while ADAudit Plus gives very specific reports on all AD objects.

ADAudit Plus gives specific reports on the changes made on all the objects in the network including the DNS servers, print servers, file servers and so on. It provides all round security to the network by constantly monitoring and reporting on the network.

  • Avoid complex PowerShell-scripting, and simplify AD change auditing with ADAudit Plus.
  • Get Your Free Trial
  • Avoid complex PowerShell-scripting, and simplify AD change auditing with ADAudit Plus.
  •  
  • By clicking 'Get Your Free Trial', you agree to processing of personal data according to the Privacy Policy.
  •  
  • Thanks!
  • Your download is in progress and it will be completed in just a few seconds! If you face any issues, download manually here.

Related Resources

ADAudit Plus Trusted By

Meet all auditing and IT security needs with ADAudit Plus.

  • Active Directory
  • File servers
  • Windows server
  • Workstation
  • Compliance
  • Related Products

A single pane of glass for complete Active Directory Auditing and Reporting

Free Trial Get Quote
Email Download Link