Looking to do work with DNS through Perl

[James]

Hello,

I'm not terribly new to Perl, I have some basics down. What I don't
have down is finding a way to do what I want for a particular script.

What I am looking to do is to query DNS servers on both Win32 and
UNIX, to get a list of all servers in the network ranges we have.

For example,
lets say I have a 10. network and a 130. network, with several subnets
and VPN's. I want a script to go out and:
(This is where this post comes in handy)
A. Query all DNS servers in the domains, in all the networks and
either grab zone files or host files,
B. Authenticate into each server and run several subroutines to query
information on the current server,
C .. A whole bunch of other stuff.
The problems are:
A I don't know the particular nameservers at this time (unfortunately
the company doen't let you do ping sweeps or run sam-spade type tools
on the networks)
B. I don't have access to all servers at this time.

Is it possible to get DNS server names from domain controllers, or
just a nslookup on the main domains?
If I don't have access to the DNS servers, is it possible to extract
the information through ADS?
Is it also possible to get the DNS information (in full) - all servers
in DNS, if I don't have access to the nameserver?

I'm pretty new to windows, and if I had access to the other platforms
I'd have no problem getting the information. I essentially have to
write the tools myself.

Thanks-

 

[Lambik]

Hello,

I'm not terribly new to Perl, I have some basics down. What I don't
have down is finding a way to do what I want for a particular script.

What I am looking to do is to query DNS servers on both Win32 and
UNIX, to get a list of all servers in the network ranges we have.
For example,
lets say I have a 10. network and a 130. network, with several subnets
and VPN's. I want a script to go out and:
(This is where this post comes in handy)
A. Query all DNS servers in the domains, in all the networks and
either grab zone files or host files,
B. Authenticate into each server and run several subroutines to query
information on the current server,
C .. A whole bunch of other stuff.
The problems are:
A I don't know the particular nameservers at this time (unfortunately
the company doen't let you do ping sweeps or run sam-spade type tools
on the networks)
B. I don't have access to all servers at this time.

Is it possible to get DNS server names from domain controllers, or
just a nslookup on the main domains?
If I don't have access to the DNS servers, is it possible to extract
the information through ADS?
Is it also possible to get the DNS information (in full) - all servers
in DNS, if I don't have access to the nameserver?

I'm pretty new to windows, and if I had access to the other platforms
I'd have no problem getting the information. I essentially have to
write the tools myself.

I don't understand what exactly you want to do. If you are not allowed to
ping the network, then i guess you are in trouble. There is no way to do it
without pinging the network.

use Net:NS;

foreach my $nr (253..254) {
my $res = Net:NS::Resolver->new(
nameservers => [qq(192.168.1.$nr)],
recurse => 0,
udp_timeout => 3
);
if ($res->search('localhost')) {
print "Found a localhost entry on 192.168.1.$nr\n";
};
}
__END__
is just another way of pinging. What i don't see is what this has to do with
Windows. If you want the DNS server of the current computer you could do
something like:

use Win32::OLE('in');
use constant wbemFlagReturnImmediately => 0x10;
use constant wbemFlagForwardOnly => 0x20;

$computer = ".";
$objWMIService = Win32::OLE->GetObject
("winmgmts:\\\\$computer\\root\\CIMV2") or die "WMI connection
failed.\n";
$colItems = $objWMIService->ExecQuery
("SELECT * FROM Win32_NetworkAdapterConfiguration",
"WQL",wbemFlagReturnImmediately | wbemFlagForwardOnly);

foreach my $objItem (in $colItems)
{
print "DNS Server Search Order: " . join(",", (in
$objItem->{DNSServerSearchOrder})) . "\n";
}
__END__

But the biggest question is: why do you want to do it when you obviously
aren't permitted to do so?

 

[James]

Hello,

I'm not terribly new to Perl, I have some basics down. What I don't
have down is finding a way to do what I want for a particular script.

What I am looking to do is to query DNS servers on both Win32 and
UNIX, to get a list of all servers in the network ranges we have.
For example,
lets say I have a 10. network and a 130. network, with several subnets
and VPN's. I want a script to go out and:
(This is where this post comes in handy)
A. Query all DNS servers in the domains, in all the networks and
either grab zone files or host files,
B. Authenticate into each server and run several subroutines to query
information on the current server,
C .. A whole bunch of other stuff.
The problems are:
A I don't know the particular nameservers at this time (unfortunately
the company doen't let you do ping sweeps or run sam-spade type tools
on the networks)
B. I don't have access to all servers at this time.

Is it possible to get DNS server names from domain controllers, or
just a nslookup on the main domains?
If I don't have access to the DNS servers, is it possible to extract
the information through ADS?
Is it also possible to get the DNS information (in full) - all servers
in DNS, if I don't have access to the nameserver?

I'm pretty new to windows, and if I had access to the other platforms
I'd have no problem getting the information. I essentially have to
write the tools myself.

I don't understand what exactly you want to do. If you are not allowed to
ping the network, then i guess you are in trouble. There is no way to do it
without pinging the network.

use Net:NS;

foreach my $nr (253..254) {
my $res = Net:NS::Resolver->new(
nameservers => [qq(192.168.1.$nr)],
recurse => 0,
udp_timeout => 3
);
if ($res->search('localhost')) {
print "Found a localhost entry on 192.168.1.$nr\n";
};}

__END__
is just another way of pinging. What i don't see is what this has to do with
Windows. If you want the DNS server of the current computer you could do
something like:

use Win32::OLE('in');
use constant wbemFlagReturnImmediately => 0x10;
use constant wbemFlagForwardOnly => 0x20;

$computer = ".";
$objWMIService = Win32::OLE->GetObject
("winmgmts:\\\\$computer\\root\\CIMV2") or die "WMI connection
failed.\n";
$colItems = $objWMIService->ExecQuery
("SELECT * FROM Win32_NetworkAdapterConfiguration",
"WQL",wbemFlagReturnImmediately | wbemFlagForwardOnly);

foreach my $objItem (in $colItems)
{
print "DNS Server Search Order: " . join(",", (in
$objItem->{DNSServerSearchOrder})) . "\n";}

__END__

But the biggest question is: why do you want to do it when you obviously
aren't permitted to do so?- Hide quoted text -

- Show quoted text -

Lambik,

Thank you for replying. The answer to the biggest question is that it
is part of my job, whether the powers that be want to acknowledge it
or not. I could traverse through thousands of servers by hand to get
the necessary information for my job, but I'd rather do it through a
script.
You see, there are some documents I have to work off that don't have
all necessary information. And trying to get the access to some of
the servers that I should rightfully have for the job is like trying
to water the entire desert with an eight ounce glass of water that has
a leak in the bottom of the glass.
So, since I do not have access to all the servers and am being told to
get all the information that is missing, I was hoping I could use
common networking commands or script functions that are fairly non-
intrusive to get all the information I need. One of my questions was
rather idiotic, nslookup will tell you server names, but the question
is if that information being returned is also accurate.
Which is another part of the dilemma. Not all of the information is
correct. So I have 40 hours per week to manually log into thousands
of servers to extract hardware, software, and networking information,
then update *my* correct documentation (that is providing I'm aware of
all changes to the environment until I'm done).

Thank you very much for the code snippets. I will definitely try them
out .. I could post my script, but it is *very* long.

Thanks again ..

Da Fuego