Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Need help writing zone add/delete syntax with dnscmd

Status
Not open for further replies.
ReK410

ReK410

IS-IT--Management
Sep 18, 2003
60
US
My goal is to lift our block on Youtube during certain hours by using DNSCMD bat files to add and delete the zone via Windows Task Scheduler.

My create command seems to work OK, as soon as it is run the clients are immidiately blocked from the site:

dnscmd /zoneadd youtube.com /dsprimary

I'm having problems with the delete command. It runs sucessfully and I see via the MMC that the zone is no longer listed. However the clients are still blocked, even after I restart the DNS Server service.

dnscmd /zonedelete youtube.com /dsdel /f

Any ideas why?

 
Sort by date Sort by votes
Have you tried clearing the cache on the client machines after the delete? Are the clients using this server for primary DNS or is there another server in between? Do you have more than one local DNS server that zone might be replicating to?
 
Upvote 0 Downvote
I think it is a client-side issue because I tested a couple of machines and it wasn't consistent between them. That's annoying because it isn't something I can manage from the scripting :-(
 
Upvote 0 Downvote
Do you have a linux box? I have squid running as a proxy server and squidguard running to restrict the access to certain sites like youtube and other problem sites during business hours. We also have different groups of IPs to allow for different policies between departments. It is fairly configurable, easy to install and I deployed the proxy settings to the users via a GPO in the domain.

A slightly different approach: if your users don't have custom entries in their hosts file, you can do this:
on a server or your workstation create a folder called "customhosts"
in the folder create two folders called blocked and unblocked
in those folders create a hosts file in each
in the blocked dir file add an entry that sends youtube.com to 127.0.0.1
in the unblocked dir file dont put it in
create a batch file to copy the hosts file to the machines for blocking and another for unblocking.
 
Upvote 0 Downvote
Unfortunately we are a M$ Windows shop :-(

I'm thinking the same thing about the hosts file, it's just a tricky thing to deploy. We are considering blocking/unblocking multiple times per day so I'm trying to find a way that will work without the users needed to log out/back into their machines.
 
Upvote 0 Downvote
Changes to the hosts file should be an instant change. May have to close and reopen the browser to get it to take effect (unless you disable page caching). The system hosts file is checked before DNS so you don't have to worry about the local DNS cache.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Nick Ellson
  • Locked
  • Question
Bind9 with RPZ and local forwarding zones?
Replies
1
Views
6K
Nick Ellson
Nick Ellson
tbright
  • Locked
  • Question
DNS reverse lookup errors: zone 1.168.192.in-addr.arpa/IN: has no NS records
Replies
1
Views
7K
tbright
tbright
KenMeans
  • Locked
  • Question
DNS Issues with wireless router behind Atlantic Broad band Business Modem
Replies
0
Views
5K
KenMeans
KenMeans
nw2619
  • Locked
  • Question
Bind 9.10 - add CNAME record value change
Replies
0
Views
5K
nw2619
nw2619
dikidushi
  • Locked
  • Question
DC/DNS Zone
Replies
0
Views
74
dikidushi
dikidushi

Part and Inventory Search

Sponsor

Back
Top