Dark Developments Where Knowledge Meets Power


D#B Backup&Recovery Notes [PART2]: DNS, DHCP & GPO’s

Posted by Dark#Basics


The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks. Computers that are connected to IP networks must be configured before they can communicate with other computers on the network. DHCP allows a computer to be configured automatically, eliminating the need for intervention by a network administrator. It also provides a central database for keeping track of computers that have been connected to the network. This prevents two computers from accidentally being configured with the same IP address.

DHCP - Backup
A DHCP backup preserves the configuration of the pools (range, subnet, ...) and the reserved IP's. DHCP servers let you reserve an IP address for a client, which means that this specific network client keeps the same IP for as long as you want it to.

A backup can be done through CLI with the netsh-command.

netsh dhcp server dump > <filename>

DHCP - Recovery
Running a recovery of the DHCP settings is done with the netsh command as well, this time by executing the dump file.

netsh exec <filename>

Do note that it's also possible to perform a recovery from the DHCP Management snap-in.

DNS - Backup
DNS records can be dumped to a file using the dnscmd command. If DNS is integrated in the domain controller, a backup of the DNS records can be made with dnscmd but also with the System State backup (see the previous paper).

dnscmd /zoneprint <zonename> > <filename>

DNS - Recovery
Recovering the DNS records is done with the dnscmd command as well.

dnscmd /zoneadd <zonename> /primary /file <filename> /load


Group Policy is a feature of the Microsoft Windows NT family of operating systems. Group Policy is a set of rules which control the working environment of user accounts and computer accounts. Group Policy provides the centralized management and configuration of operating systems, applications and users' settings in an Active Directory environment. In other words, Group Policy in part controls what users can and can't do on a computer system. Although Group Policy is more often seen in use for enterprise environments, it is also common in schools, smaller businesses and other kinds of smaller organizations. Group Policy is often used to restrict certain actions that may pose potential security risks, for example: to block access to the Task Manager, restrict access to certain folders, disable the downloading of executable files and so on.

GPO's - Backup
A backup of the GPO's can be made with two methods. The first one is through the System State backup, the second is by using VBScripts. These VBScripts were originally created for Windows Server 2003, where they were available once the Group Policy Management Console was installed.

These scripts are not available by default in Windows Server 2008 but can be downloaded from the Windows Download Center. With one of these scripts it is possible to perform a full backup of the GPO's.

cscript.exe BackupAllGPOs.wsf <destination>

GPO's - Recovery
GPO's can be recovered using various methods. The first method is by using the Group Policy Management snap-in and selecting the Manage Backups option.

The second method is by using another VBScript called RestoreAllGPOs.

cscript.exe RestoreAllGPOs.wsf <location>
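
The DHCP, DNS and GPO backup commands above combined into one run, as an added PowerShell example that is not part of the original post: it writes all three backups into a time-stamped folder and records a SHA-256 manifest, which matters because `netsh exec` runs whatever commands the dump file contains. The absolute backup path, the zone name, the GPMC script folder and the `-Verify` parameter are assumptions.

```powershell
# Added example, not from the original post. Paths, zone name and script folder are assumptions.
param(
    [string]   $BackupRoot = 'D:\Backup\NetServices',
    [string[]] $Zones      = @('example.local'),
    [string]   $GpoScripts = "$env:ProgramFiles\Microsoft Group Policy\GPMC Sample Scripts",
    [string]   $Verify     # stamp of an earlier run: only re-check its hashes
)
$ErrorActionPreference = 'Stop'

function Assert-Native([string]$Step) {
    # Native tools do not throw in PowerShell; check the exit code explicitly.
    if ($LASTEXITCODE -ne 0) { throw "$Step failed (exit code $LASTEXITCODE)" }
}
function Get-Sha256([string]$Path) {
    $stream = [System.IO.File]::OpenRead($Path)
    try {
        $bytes = [System.Security.Cryptography.SHA256]::Create().ComputeHash($stream)
        return ([BitConverter]::ToString($bytes) -replace '-', '')
    } finally { $stream.Dispose() }
}

if ($Verify) {
    $dest = Join-Path $BackupRoot $Verify
    Get-Content (Join-Path $BackupRoot "$Verify.sha256") | ForEach-Object {
        $hash, $rel = $_ -split '  ', 2
        if ((Get-Sha256 (Join-Path $dest $rel)) -ne $hash) { throw "Hash mismatch: $rel" }
    }
    "All files match $Verify.sha256"
    return
}

$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$dest  = Join-Path $BackupRoot $stamp
$gpo   = Join-Path $dest 'GPO'
New-Item -ItemType Directory -Path $gpo -Force | Out-Null   # also creates $dest

# ASCII gives single-byte text files; Windows PowerShell's own ">" would write UTF-16.
netsh dhcp server dump | Set-Content -Path (Join-Path $dest 'dhcp.txt') -Encoding ASCII
Assert-Native 'DHCP dump'
foreach ($zone in $Zones) {
    dnscmd /zoneprint $zone | Set-Content -Path (Join-Path $dest "$zone.txt") -Encoding ASCII
    Assert-Native "Zone print of $zone"
}
cscript.exe //nologo (Join-Path $GpoScripts 'BackupAllGPOs.wsf') $gpo
if (-not (Get-ChildItem -Path $gpo -Force)) { throw 'GPO backup folder is empty' }

# The manifest sits beside the backup folder, so it is not part of what it hashes.
Get-ChildItem -Path $dest -Recurse -Force | Where-Object { -not $_.PSIsContainer } | ForEach-Object {
    '{0}  {1}' -f (Get-Sha256 $_.FullName), $_.FullName.Substring($dest.Length + 1)
} | Set-Content -Path (Join-Path $BackupRoot "$stamp.sha256") -Encoding ASCII
```

Run it again with `-Verify <stamp>` before a restore, and keep a copy of the `.sha256` file somewhere the writers of the backup location cannot reach.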