IIRC, DNSCMD coupled with dsacls will give you some of that information. There are also some api's that are available to try and roll your own, but nothing that really gives good information IMHO.
There's a kb somewhere out there that describes how to set the ownership of each record using dsacls due to a problem with dhcp registration of records using a particular service account. I don't recall exactly the kb, but take a look and see if you can't modify the dsacls command to report the ownership of the records.
Al
On 11/7/06, WATSON, BEN <[EMAIL PROTECTED]> wrote:
Hey guys,
Simple question I hope. I was looking for a way to determine a couple things about DNS (A & PTR records) entries in an Active Directory Integrated DNS environment…
1) Is there a way to determine whether the entry has been manually defined (and thus is never scavenged) or registered through dynamic updates?
2) Is there a way to determine the current age of a DNS entry?
3) Is there a way to determine who has the rights to make modifications to an entry through dynamic updates?
Thanks as always,
~Ben
