Reload a Zone File

Updated: October 7, 2009

Applies To: Windows Server 2008 R2

Tip

This topic applies to DNSSEC in Windows Server 2008 R2. DNSSEC support is greatly enhanced in Windows Server 2012. For more information, see DNSSEC in Windows Server 2012.

The DnsCmd /OfflineSign /SignZone command will generate a zone file that contains DNSSEC data. After signing a zone file, copy both the signed and unsigned zone files to a secure location and then delete the unsigned version of the zone. Next, reload the zone with the signed zone file as the input. For a description of additional dnscmd.exe command options, see DnsCmd Syntax (https://go.microsoft.com/fwlink/?LinkId=165772).

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

Reloading a zone

Use the following procedures to reload a zone file. If the zone is Active Directory integrated, you must reset the zone type prior to reloading the zone.

Warning

Active Directory integration of a signed zone is not recommended because it will require the manual update of all service (SRV) records and other resource records.

To reload a file backed zone

  1. Copy the signed zone file to the %windir%\System32\DNS directory on the authoritative DNS server.

  2. Open an elevated command prompt and browse to the %windir%\System32\DNS directory.

  3. Type the following command, and then press ENTER:

    dnscmd /ZoneDelete <zone name> /f
    
  4. Type the following command, and then press ENTER:

    dnscmd /ZoneAdd <zone name> <zone type> /file <zone file name> /load
    

To reload an Active Directory integrated zone

  1. Copy the signed zone file to the %windir%\System32\DNS directory on the authoritative DNS server.

  2. Open an elevated command prompt and browse to the %windir%\System32\DNS directory.

  3. Type the following command, and then press ENTER:

    dnscmd /ZoneDelete <zone name> /dsdel /f
    
  4. Type the following command, and then press ENTER:

    dnscmd /ZoneAdd <zone name> <zone type> /file <zone file name> /load
    
  5. Type the following command, and then press ENTER:

    dnscmd /ZoneResetType <zone name> /dsprimary
    
Value Description

dnscmd

The command-line tool for managing DNS servers.

/ZoneDelete

Required. Deletes a specified zone from the DNS server.

/ZoneAdd

Required. Adds a specified zone to the DNS server.

/ZoneResetType

Required. Changes the type of a specified zone.

<zone name>

Required. The FQDN of the zone.

<zone file name>

Required. The name of the file used to store zone data.

<zone type>

Required. Specifies the current zone type (ex: /primary).

See Also

Concepts

Checklist: Signing a Zone