I recently spent a couple of days trying to transfer DNS server zone files from an older public DNS server (Windows 2008) to a new replacement (Windows 2012 R2) at a different IP address. This involved editing them to change the IP address of one of the NS entries in each zone file. These were not AD integrated zones.
Following some good articles, I used this process:
- Export the Registry entries for the Zones from HKLM\Software\Microsoft\Windows NT\Current Version\DNS Server\Zones (Capture the entire Zones key structure)
- Copy all the .dns zone files from C:\Windows\System32\DNS\ to another folder (using C:\DNSTransfer in this example)
- Edit the copied zone files to change the IP address as needed. Script was:
- $OldIP = "11.22.33.44" #Example only
- $NewIP = "55.66.77.88" #Example only
- Get-ChildItem C:\DNSTransfer -Recurse | Select-String -Pattern '$OldIP' -SimpleMatch | Foreach-Object{
$content = Get-Content $_.Path
$content -replace '$OldIP','$NewIP' | Out-File $_.Path }
- Install DNS on the new server
- Configure the server as required (use DNSCMD /Info to capture existing server settings)
- Create a dummy zone (to initialise the new DNS) - delete this later
- Import/Merge the .REG file to load the Zone information into the new registry
- Copy the edited .dns zone files into to new server's C:\Windows\System32\DNS folder.
- Restart DNS server service.
Every time I did this I only ended up with the internal name of the DNS server as the only record in each Zone as seen from DNS Manager. The Zone files were still correct, the registry keys were correct, but DNS only served up garbage. All the NS, MX A, CNAME etc records appeared to vanish.
Even rebuilt new servers in various editions of Windows (2008 R2, 2012, 2012 R2) and got the same results.
When I created new zones on the servers they worked fine. When I copied content rom old zones into the new zones that also worked. Eventually twigged that the problem was the ENCODING of the .dns zone files. The ones that had been edited were in Unicode format. Original and new files were in ANSI format. No amount of changing the Name Checking method in the DNS servers could get them to properly read these Unicode files.
The answer was deceptively simple: PowerShell had modified the encoding when the script was run. Added the encoding switch and it all worked. The new script is:
- $OldIP = "11.22.33.44" #Example only
- $NewIP = "55.66.77.88" #Example only
- Get-ChildItem C:\DNSTransfer -Recurse | Select-String -Pattern '$OldIP' -SimpleMatch | Foreach-Object{
$content = Get-Content $_.Path
$content -replace '$OldIP','$NewIP' | Out-File $_.Path -Encoding ASCII }
So the simple message is: Make sure your Microsoft DNS Zone files are in ANSI encoding, otherwise the DNS server will treat them as faulty and write default entries only.