DNS Analyzer Tool

/0 Comments/in /by 

<#
.SYNOPSIS
DNS Analyzer Tool

.DESCRIPTION
This script analyzes DNS configurations, zones, records, and potential issues across DNS servers in your network.

.NOTES
File Name      : DNSAnalyzer.ps1
Author         : [Your Name]
Prerequisite   : PowerShell V5.1 or later, DnsServer module, appropriate admin permissions
Version        : 1.0
Date           : [Current Date]

.EXAMPLE
.\DNSAnalyzer.ps1
#>

# Import required module
Import-Module DnsServer

# Global variables
$global:reportPath = "$env:USERPROFILE\Desktop\DNS_Analysis_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html"

<#
.SYNOPSIS
Displays the main menu of the tool.
#>
function Show-Menu {
    Clear-Host
    Write-Host "=== DNS Analyzer Tool ===" -ForegroundColor Cyan
    Write-Host "1. Analyze DNS Server Configuration"
    Write-Host "2. Check DNS Zones"
    Write-Host "3. Analyze DNS Records"
    Write-Host "4. Check DNS Forwarders"
    Write-Host "5. Analyze DNS Performance"
    Write-Host "6. Check DNS Security Settings"
    Write-Host "7. Analyze DNS Client Settings on Domain Controllers"
    Write-Host "8. Generate Comprehensive HTML Report"
    Write-Host "9. Exit"
}

<#
.SYNOPSIS
Gets a list of DNS servers to analyze.

.OUTPUTS
Array of DNS server names.
#>
function Get-TargetDNSServers {
    $option = Read-Host "Analyze (A)ll domain DNS servers, (S)pecific servers, or (F)ile input? (A/S/F)"
    switch ($option.ToUpper()) {
        "A" {
            return (Get-DnsServerZone -ComputerName (Get-ADDomain).PDCEmulator | Select-Object -ExpandProperty ZoneNames | Get-DnsServerResourceRecord -RRType NS -ComputerName (Get-ADDomain).PDCEmulator | Select-Object -ExpandProperty RecordData | Select-Object -ExpandProperty NameServer)
        }
        "S" {
            $servers = @()
            do {
                $server = Read-Host "Enter DNS server name (or press Enter to finish)"
                if ($server -ne "") { $servers += $server }
            } while ($server -ne "")
            return $servers
        }
        "F" {
            $filePath = Read-Host "Enter the path to the file containing DNS server names"
            return (Get-Content $filePath)
        }
        default {
            Write-Host "Invalid option. Defaulting to all domain DNS servers." -ForegroundColor Yellow
            return (Get-DnsServerZone -ComputerName (Get-ADDomain).PDCEmulator | Select-Object -ExpandProperty ZoneNames | Get-DnsServerResourceRecord -RRType NS -ComputerName (Get-ADDomain).PDCEmulator | Select-Object -ExpandProperty RecordData | Select-Object -ExpandProperty NameServer)
        }
    }
}

<#
.SYNOPSIS
Analyzes DNS server configuration.

.PARAMETER Servers
Array of DNS server names to analyze.

.OUTPUTS
Array of PSObjects containing DNS server configuration details.
#>
function Analyze-DNSServerConfiguration {
    param([string[]]$Servers)

    Write-Host "`nAnalyzing DNS Server Configuration..." -ForegroundColor Yellow
    $configResults = @()
    foreach ($server in $Servers) {
        try {
            $config = Get-DnsServerSetting -ComputerName $server -ErrorAction Stop
            $configResults += [PSCustomObject]@{
                Server = $server
                ListeningIPAddress = $config.ListeningIPAddress -join ", "
                EnableDnsSec = $config.EnableDnsSec
                BindSecondaries = $config.BindSecondaries
                RoundRobin = $config.RoundRobin
                LocalNetPriority = $config.LocalNetPriority
            }
        }
        catch {
            Write-Host "Error analyzing DNS configuration on $server : $_" -ForegroundColor Red
        }
    }
    $configResults | Format-Table -AutoSize
    return $configResults
}

<#
.SYNOPSIS
Checks DNS zones on target servers.

.PARAMETER Servers
Array of DNS server names to analyze.

.OUTPUTS
Array of PSObjects containing DNS zone details.
#>
function Check-DNSZones {
    param([string[]]$Servers)

    Write-Host "`nChecking DNS Zones..." -ForegroundColor Yellow
    $zoneResults = @()
    foreach ($server in $Servers) {
        try {
            $zones = Get-DnsServerZone -ComputerName $server -ErrorAction Stop
            foreach ($zone in $zones) {
                $zoneResults += [PSCustomObject]@{
                    Server = $server
                    ZoneName = $zone.ZoneName
                    ZoneType = $zone.ZoneType
                    IsDsIntegrated = $zone.IsDsIntegrated
                    IsReverseLookupZone = $zone.IsReverseLookupZone
                    RecordCount = $zone.ZoneStatistics.RecordCount
                }
            }
        }
        catch {
            Write-Host "Error checking DNS zones on $server : $_" -ForegroundColor Red
        }
    }
    $zoneResults | Format-Table -AutoSize
    return $zoneResults
}

<#
.SYNOPSIS
Analyzes DNS records in specific zones.

.PARAMETER Servers
Array of DNS server names to analyze.

.OUTPUTS
Array of PSObjects containing DNS record details.
#>
function Analyze-DNSRecords {
    param([string[]]$Servers)

    Write-Host "`nAnalyzing DNS Records..." -ForegroundColor Yellow
    $recordResults = @()
    foreach ($server in $Servers) {
        try {
            $zones = Get-DnsServerZone -ComputerName $server -ErrorAction Stop
            foreach ($zone in $zones) {
                $records = Get-DnsServerResourceRecord -ZoneName $zone.ZoneName -ComputerName $server -ErrorAction Stop
                $recordResults += [PSCustomObject]@{
                    Server = $server
                    ZoneName = $zone.ZoneName
                    TotalRecords = $records.Count
                    ARecords = ($records | Where-Object {$_.RecordType -eq "A"}).Count
                    AAAARecords = ($records | Where-Object {$_.RecordType -eq "AAAA"}).Count
                    CNAMERecords = ($records | Where-Object {$_.RecordType -eq "CNAME"}).Count
                    MXRecords = ($records | Where-Object {$_.RecordType -eq "MX"}).Count
                }
            }
        }
        catch {
            Write-Host "Error analyzing DNS records on $server : $_" -ForegroundColor Red
        }
    }
    $recordResults | Format-Table -AutoSize
    return $recordResults
}

<#
.SYNOPSIS
Checks DNS forwarders on target servers.

.PARAMETER Servers
Array of DNS server names to analyze.

.OUTPUTS
Array of PSObjects containing DNS forwarder details.
#>
function Check-DNSForwarders {
    param([string[]]$Servers)

    Write-Host "`nChecking DNS Forwarders..." -ForegroundColor Yellow
    $forwarderResults = @()
    foreach ($server in $Servers) {
        try {
            $forwarders = Get-DnsServerForwarder -ComputerName $server -ErrorAction Stop
            $forwarderResults += [PSCustomObject]@{
                Server = $server
                ForwarderAddresses = $forwarders.IPAddress -join ", "
                UseRootHint = $forwarders.UseRootHint
                Timeout = $forwarders.Timeout
            }
        }
        catch {
            Write-Host "Error checking DNS forwarders on $server : $_" -ForegroundColor Red
        }
    }
    $forwarderResults | Format-Table -AutoSize
    return $forwarderResults
}

<#
.SYNOPSIS
Analyzes DNS performance on target servers.

.PARAMETER Servers
Array of DNS server names to analyze.

.OUTPUTS
Array of PSObjects containing DNS performance details.
#>
function Analyze-DNSPerformance {
    param([string[]]$Servers)

    Write-Host "`nAnalyzing DNS Performance..." -ForegroundColor Yellow
    $performanceResults = @()
    foreach ($server in $Servers) {
        try {
            $counters = Get-Counter -ComputerName $server -Counter @(
                "\DNS\Total Query Received/sec",
                "\DNS\Total Response Sent/sec",
                "\DNS\Recursive Queries/sec"
            ) -ErrorAction Stop
            $performanceResults += [PSCustomObject]@{
                Server = $server
                QueriesReceived = $counters.CounterSamples[0].CookedValue
                ResponsesSent = $counters.CounterSamples[1].CookedValue
                RecursiveQueries = $counters.CounterSamples[2].CookedValue
            }
        }
        catch {
            Write-Host "Error analyzing DNS performance on $server : $_" -ForegroundColor Red
        }
    }
    $performanceResults | Format-Table -AutoSize
    return $performanceResults
}

<#
.SYNOPSIS
Checks DNS security settings on target servers.

.PARAMETER Servers
Array of DNS server names to analyze.

.OUTPUTS
Array of PSObjects containing DNS security setting details.
#>
function Check-DNSSecuritySettings {
    param([string[]]$Servers)

    Write-Host "`nChecking DNS Security Settings..." -ForegroundColor Yellow
    $securityResults = @()
    foreach ($server in $Servers) {
        try {
            $security = Get-DnsServerSetting -ComputerName $server -ErrorAction Stop
            $securityResults += [PSCustomObject]@{
                Server = $server
                EnableDnsSec = $security.EnableDnsSec
                NameCheckingLevel = $security.NameCheckingLevel
                UpdateOptions = $security.UpdateOptions
                SecureResponses = $security.SecureResponses
            }
        }
        catch {
            Write-Host "Error checking DNS security settings on $server : $_" -ForegroundColor Red
        }
    }
    $securityResults | Format-Table -AutoSize
    return $securityResults
}

<#
.SYNOPSIS
Analyzes DNS client settings on Domain Controllers.

.OUTPUTS
Array of PSObjects containing DNS client setting details for Domain Controllers.
#>
function Analyze-DNSClientSettingsOnDCs {
    Write-Host "`nAnalyzing DNS Client Settings on Domain Controllers..." -ForegroundColor Yellow
    $dcResults = @()
    $dcs = Get-ADDomainController -Filter *
    foreach ($dc in $dcs) {
        try {
            $nics = Get-WmiObject Win32_NetworkAdapterConfiguration -ComputerName $dc.HostName -Filter "IPEnabled='True'"
            foreach ($nic in $nics) {
                $dcResults += [PSCustomObject]@{
                    DomainController = $dc.HostName
                    InterfaceDescription = $nic.Description
                    DNSServers = $nic.DNSServerSearchOrder -join ", "
                    DNSSuffixSearchOrder = $nic.DNSDomainSuffixSearchOrder -join ", "
                }
            }
        }
        catch {
            Write-Host "Error analyzing DNS client settings on $($dc.HostName) : $_" -ForegroundColor Red
        }
    }
    $dcResults | Format-Table -AutoSize
    return $dcResults
}

<#
.SYNOPSIS
Generates a comprehensive HTML report of all analyses.

.PARAMETER AllResults
Hashtable containing all analysis results.

.OUTPUTS
Saves an HTML report to the desktop.
#>
function Generate-HTMLReport {
    param([hashtable]$AllResults)

    Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow
    $reportContent = @"
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>DNS Analysis Report</title>
    <style>
        body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; }
        h1, h2, h3 { color: #0078D4; }
        table { border-collapse: collapse; width: 100%; margin-bottom: 20px; }
        th, td { border: 1px solid #ddd; padding: 8px; text-align: left; }
        th { background-color: #f2f2f2; }
    </style>
</head>
<body>
    <h1>DNS Analysis Report</h1>
    <p>Generated on: $(Get-Date)</p>

    <h2>DNS Server Configuration</h2>
    $($AllResults.ServerConfig | ConvertTo-Html -Fragment)

    <h2>DNS Zones</h2>
    $($AllResults.Zones | ConvertTo-Html -Fragment)

    <h2>DNS Records</h2>
    $($AllResults.Records | ConvertTo-Html -Fragment)

    <h2>DNS Forwarders</h2>
    $($AllResults.Forwarders | ConvertTo-Html -Fragment)

    <h2>DNS Performance</h2>
    $($AllResults.Performance | ConvertTo-Html -Fragment)

    <h2>DNS Security Settings</h2>
    $($AllResults.SecuritySettings | ConvertTo-Html -Fragment)

    <h2>DNS Client Settings on Domain Controllers</h2>
    $($AllResults.DCClientSettings | ConvertTo-Html -Fragment)
</body>
</html>
"@

    $reportContent | Out-File -FilePath $global:reportPath
    Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green
}

# Main program loop
$targetDNSServers = Get-TargetDNSServers
$allResults = @{}

do {
    Show-Menu
    $choice = Read-Host "`nEnter your choice (1-9)"

    switch ($choice) {
        "1" { $allResults.ServerConfig = Analyze-DNSServerConfiguration -Servers $targetDNSServers }
        "2" { $allResults.Zones = Check-DNSZones -Servers $targetDNSServers }
        "3" { $allResults.Records = Analyze-DNSRecords -Servers $targetDNSServers }
        "4" { $allResults.Forwarders = Check-DNSForwarders -Servers $targetDNSServers }
        "5" { $allResults.Performance = Analyze-DNSPerformance -Servers $targetDNSServers }
        "6" { $allResults.SecuritySettings = Check-DNSSecuritySettings -Servers $targetDNSServers }
        "7" { $allResults.DCClientSettings = Analyze-DNSClientSettingsOnDCs }
        "8" { Generate-HTMLReport -AllResults $allResults }
        "9" { Write-Host "Exiting program..." -ForegroundColor Yellow; break }
        default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red }
    }

    if ($choice -ne "9") {
        Read-Host "`nPress Enter to continue..."
    }
} while ($choice -ne "9")

This DNS Analyzer Tool includes:

  1. A menu-driven interface for easy navigation.
  2. Functions to analyze various aspects of DNS:
    • DNS Server Configuration analysis
    • DNS Zones check
    • DNS Records analysis
    • DNS Forwarders check
    • DNS Performance analysis
    • DNS Security Settings check
    • DNS Client Settings analysis on Domain Controllers
  3. Flexible DNS server selection (all domain DNS servers, specific servers, or from a file).
  4. Comprehensive error handling for each analysis function.
  5. A function to generate an HTML report of all collected data.

Key features:

  • Detailed analysis of DNS server configurations across multiple servers
  • Checking of DNS zones and record distributions
  • Review of DNS forwarder settings
  • Performance analysis using DNS-related counters
  • Security configuration checks
  • Analysis of DNS client settings on Domain Controllers
  • HTML report generation for easy sharing and viewing of results

This tool is particularly useful for:

  • System administrators managing DNS servers
  • Network administrators troubleshooting DNS-related issues
  • Security professionals auditing DNS configurations
  • IT professionals performing DNS health checks

To use this script effectively:

  1. Run PowerShell as an administrator
  2. Ensure you have the necessary permissions to query the target DNS servers
  3. Have the required PowerShell modules available (DnsServer and ActiveDirectory)

This script provides a comprehensive overview of DNS configurations and potential issues across multiple DNS servers in your network. It can significantly streamline the process of auditing and maintaining DNS services, enhancing both performance and security aspects of your DNS infrastructure.

You might also like
Script Template for PowerShell
Domain Check Toolkit
Advanced Active Directory Monitoring Tool
Creating Best Practices for PowerShell Functions
XML Generator Tool
Active Directory Computer Analysis Tool
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *