# Code Snippet from aperturescience.su

$hosts= <array of the hostnames of DNS servers to allow transfers from?

$masterdns = $hosts[0]

$newdnshost = read-host "Enter new host name (FQDN)"

$enumzones = get-WMIObject -Computer $masterdns -Namespace "root\\MicrosoftDNS" `
    -Class "MicrosoftDNS_Zone"

foreach ($zone in $enumzones)
{
    if ($zone.zonetype -eq 1)
    {
        write-host ""
        $name = $zone.name

        foreach ($dnsserver in $hosts) {
            #Allow zone transfers only to dns servers listed using ns resource records
            dnscmd $dnsserver /zoneresetsecondaries $name /SecureNs /Notify
            #write-host $dnsserver $name
            Write-host "Enabled SecureNS on "$dnsserver
        }

        #add the host to ns list
        dnscmd $masterdns /RecordAdd $name "@" NS $newdnshost
        #Write-host $masterdns $name $newdnshost
        Write-Host "NS Record for "$newdnshost " added to "$name
    }

}

# Code Snippet from aperturescience.su