13.10. Configuring Zone Transfer
You want to enable zone transfers to specific secondary name servers.
Using a graphical user interface
Open the DNS snap-in (dnsmgmt.msc).
In the left pane, expand the server node and expand either Forward Lookup Zone or Reverse Lookup Zone depending on the type of zone you want to manage.
Right-click on the zone and select Properties.
Select the Zone Transfers tab.
Select either the option to restrict zone transfers to those servers listed on the Name Servers tab, or the option to restrict zone transfers to specific IP addresses, as desired. See the Discussion section for more on these two options.
Using a command-line interface
The following command enables zone transfers for the test.local zone and specifies they can only occur with servers that have NS records in the zone (i.e., servers listed within the Name Servers tab of the DNS snap-in):
<ServerName>/ZoneResetSecondaries test.local /SecureNs
The next command enables zone transfers for same zone, but specifies they can only occur with hosts whose IP addresses are 172.16.11.33 and 172.16.11.34:
<ServerName>/ZoneResetSecondaries test.local /SecureList 172.16.11.33 172.16.11.34
' This code creates a name server (NS) record on a DNS server. strDNSServer = "
<servername>" strContainer = "
<containername>" strOwner = "
<ownername>" intRecordClass = 1 intTTL = 600 strNSHost = "
<nameservername>" strComputer = "." set objWMIService = GetObject _ ("winmgmts:\\" & ...