A collection of helper scripts for DNS, DHCP, and IPAM (DDI) projects.
These scripts support common consulting and engineering tasks such as:
- Data migrations between DDI platforms
- Analyzing DNS, DHCP, and IPAM data
- Preparing datasets for import/export
- Automating repetitive tasks with APIs or CLI tools
The repository contains scripts in Python, Shell, and PowerShell.
- Data Preparation
- Exports and Migrations
- Health Checks
- DNS and Zone Files
- DHCP and Leases
- Parsers and Automation
ascii_cleaner
Convert flat export files to ASCII for legacy import tools. Processes all files with a given extension in a target folder, preferring iconv UTF‑8→ASCII with transliteration, then iconv with //ignore, and finally a Python fallback that applies a German transliteration map (Ä→Ae, Ö→Oe, Ü→Ue, ä→ae, ö→oe, ü→ue, ß→ss). Cleaned files go to ascii_cleaned/; detailed per‑file logs for issues go to ascii_cleaned/logs/.
compare_pattern
This script compares two files by extracting all lines that contain a given search pattern.
It normalizes the matches and produces multiple output files, including raw matches, unique matches, common lines, and diffs.
convert_netmask-cidr
This script converts between CIDR notation (e.g., /24) and netmask notation (e.g., 255.255.255.0) within a CSV file.
csv_matcher
This script filters rows from a data CSV into match and miss files based on wildcard patterns stored in a values CSV.
It supports per-file delimiters, case-insensitive matching by default, and * wildcards for prefix, suffix, and substring matches.
file_merger
This script merges all files with a given suffix/extension from a specified directory into a single consolidated file.
The output file is named after the directory basename plus the chosen suffix.
gen_dummy_ipam
This script generates a CSV file containing all subnets derived from a given CIDR network and a target subnet mask size.
merge_csvs
This script merges multiple CSV files from a given directory into one consolidated, timestamped CSV file.
It keeps only the header from the first file, merges the rest in sorted order, and provides statistics on line counts.
If the ssconvert tool is available, it also generates an Excel .xls version of the merged file.
replace_column
This script replaces all values in a specified column of a CSV file with a new value.
The modified data is saved into a new CSV file with the replacement value embedded in the filename.
umlauts
This script searches for files matching a given pattern under a specified directory, repairs double-encoded UTF-8 text, and transliterates German umlauts into ASCII equivalents.
backup_ipctrl
This PowerShell script creates a MySQL backup of the BlueCat IPControl database.
It runs mysqldump.exe, saves the export as a .sql file, compresses it into a .zip, and manages retention by deleting old backups.
bdds_export
This script collects DNS and DHCP configuration data from a BlueCat DNS/DHCP Server (BDDS) and archives it into a compressed .tar.gz file.
It is intended for backup, migration, or troubleshooting scenarios.
dns_zip2csv
This script processes ZIP archives containing DNS export files and generates a merged CSV summary of all discovered zones.
export_dhcpd
This script extracts subnet configurations from an dhcpd.conf file based on a provided list of IPv4 CIDR ranges.
It validates prerequisites, cleans the input, processes the configuration, and produces a resulting configuration file with only the desired ranges.
export_ms-dns-dhcp
This PowerShell script exports both DNS and DHCP configuration from a Microsoft Windows Server and packages the results into a ZIP archive for handover, backup, or migration purposes.
extract_ms_zip
This script extracts Microsoft DNS/DHCP export archives that match the naming pattern MS-DNS-DHCP_*.zip (case-insensitive).
Each archive is extracted into its own subfolder under an exports/ directory, and the script reports whether the extracted content contains a dbs/ folder (commonly used for DNS zone files).
get_ipctrl_logs
This script collects all IPControl log files (*.log*) from the default installation directory (/opt/incontrol) and packages them into a compressed tarball for troubleshooting or support purposes.
ipctrl_importer
This script is a wrapper for running IPControl CLI imports with CSV files.
It validates input, runs the import, generates reject/error files, and reports runtime duration.
ipctrl_restore-reset
This script restores an IPControl database from a provided SQL dump (packaged as a .zip file).
It unpacks the SQL, stops the InControl service, starts MySQL, and loads the SQL dump into the database.
zone_from_zips
This script searches through a directory of ZIP archives, looks for a specific zone file inside each archive,
and extracts the matching files into a _working/ subdirectory.
bam_access
This script automates direct user management on the BlueCat Address Manager (BAM) PostgreSQL backend. It checks for the existence of key users (admin or bluecat), updates their password to a predefined MD5 hash, or creates the bluecat user when missing. It is intended for controlled administrative recovery scenarios where API access is unavailable.
bam_health
This script runs a health check on a BlueCat Address Manager (BAM) server.
It validates prerequisites, gathers system information, checks the application/database state,
and logs results into a timestamped log file.
bdds_health
Health check script for BlueCat DNS/DHCP Server (BDDS).
It validates prerequisites, collects system and service status (CPU, memory, filesystem, processes), inspects DNS (named) and DHCP (dhcpd) services, summarizes DHCP lease states, and records BlueCat software version and applied patches.
All results are written to a timestamped logfile on the BDDS itself.
check_dhcp_failover
This script checks the DHCP failover state on a BlueCat DNS/DHCP Server (BDDS).
It extracts credentials and association details from the DHCP configuration, connects with omshell, and reports both local and partner failover states.
check_ports
This script checks connectivity for a set of predefined ports across multiple servers provided in an input list.
It validates TCP/UDP services commonly used in DNS, DHCP, NTP, SNMP, and related applications.
Results are logged to both the console (with color-coded output) and a timestamped logfile.
collect_health_check
This script automates the collection of health check data from a BlueCat deployment, including both BlueCat DNS/DHCP Servers (BDDS) and BlueCat Address Manager (BAM).
dns_health_check
A comprehensive DNS health check script that validates delegation, authoritative servers, SOA records, DNSSEC, mail-related DNS entries, reachability, and network configuration for a given domain.
flush_jnl
This script starts a temporary BIND (named) instance using the local named.conf,
executes rndc sync -clean to flush all .jnl journal files into their corresponding .db zone files,
and then shuts the server down cleanly.
jnl_clean-up
This script safely removes BIND journal (.jnl) files from a BlueCat DNS server environment.
It stops the named service, backs up all .jnl files to a temporary folder, and deletes them from the live configuration directory.
pw_check
This script verifies which of up to three provided passwords are valid for logging into a list of BlueCat DNS/DHCP Servers (BDDS) over SSH.
It iterates through servers from a file, attempts password authentication, and logs the results.
pw_mgmt
Bulk password rotation for BlueCat DNS/DHCP Servers (BDDS).
For each BDDS listed in an input file, the script:
- Validates SSH access with the current root password.
- Connects via SSH and runs
passwd -q <user>non‑interactively to set a new password for the target user. - If the target user is
root, it re‑validates SSH with the new password.
All steps are logged.
search_datarake
This script searches through .tgz archives in a given input directory for a search string within daemon.log files (including rotated and compressed versions).
It extracts only the matching log files into a matched_logs directory for further analysis, while cleaning up temporary data.
check_zone
This script performs a sanity check on a DNS zone file.
It can inject a missing $ORIGIN directive if needed, runs BIND’s named-checkzone, and saves results into a report file.
compare_zone_variants
Compare DNS zone file variants that share the same filename but live in different folders under a root path.
The script gathers all matching files (by filename pattern), de‑duplicates identical content, cleans MS‑DNS artifacts, canonicalizes them with named-checkzone, normalizes records (ignore SOA, ignore TTL, lowercase), and then compares variants of the same basename.
Differences are logged; non‑identical canonical variants are preserved for review.
ddns_utils
Two shell scripts to create/update and remove DNS records by feeding nsupdate with commands derived from a simple CSV-like input file.
dependent_records
This script identifies dependent DNS records across multiple zones.
It performs zone transfers (AXFR) from the primary nameserver of each zone, then compares the transferred data with a given list of records to find dependencies.
Results are written into separate dependency reports for each zone.
dig_bulk
This script performs bulk DNS queries against a list of servers for a list of zones.
It checks for the presence of SOA, NS, and A records for each zone on each server, logs the results, and reports whether queries succeeded or failed.
dig_dump
This script runs a dig DNS query against a specified DNS server while simultaneously capturing the associated DNS traffic with tcpdump.
The result is a .pcap file for later analysis (e.g. in Wireshark) and a tcpdump log file.
dns_cutover
PowerShell script to automate a DNS cutover on Microsoft Windows DNS Server.
It reads a CSV with zone configuration and global settings, creates a full backup of the current DNS state, applies changes (secondary zones, forwarders, removals), and logs all actions for audit/handover.
dns_diff_tool
This script compares two DNS zone files (e.g., before and after a migration).
It canonicalizes the zone files, removes Microsoft DNS timestamps and ignorable records, then uses ldns-compare-zones to generate a clean, auditable diff.
Logs are written to dns_diff_tool.log.
dns_review
This script reviews and validates a BIND-style DNS configuration.
It takes a named.conf and associated zone files, flattens the configuration, checks syntax and zones, removes Microsoft DNS timestamps, and canonicalizes zone files.
The goal is to provide a clear overview of configuration health and identify issues.
dns_ttl_watch
Interactive DNS watch tool that paces itself by the observed TTL. It runs repeated dig queries for a given FQDN and record type, prints the current TTL and answer values, then sleeps for exactly the maximum TTL seen before querying again. This is useful for seeing when a cached RRset expires and when answers (or TTLs) change.
dublicated_entries
This script validates DNS zone files for duplicate entries:
- Hosts mapped to multiple IP addresses.
- IP addresses mapped to multiple hosts.
find_zone_duplicates
This Python script detects duplicated authoritative DNS zones (Zone Type: Primary/master) defined across multiple servers.
It optionally filters out reverse zones and outputs a CSV containing all duplicate authoritative zone definitions.
gen_named
This script generates a minimal named.conf configuration file for BIND by scanning a directory of DNS zone files.
For each zone file, it extracts the zone name from the SOA record and creates a corresponding zone block.
named2csv
This Python script parses a BIND named.conf configuration file and extracts zone details into a structured CSV file.
It captures zone name, type, associated IPs, dynamic update settings, and any global forwarders defined in the options block.
named_collection
This script recursively searches for named.conf files under a given root directory,
extracts zone information, and generates an overview of all DNS zones and their associated files.
normalise_zones
This script validates and normalizes DNS zone files listed in a named.conf.
It separates forward and reverse zones, cleans Microsoft DNS artifacts, canonicalizes each zone with named-checkzone, and validates the presence of forward records.
nslookup_bulk
Batch script for Windows to perform bulk DNS lookups.
It iterates through a list of FQDNs, queries a specified DNS server for a given record type using nslookup, and saves results to files.
ptr_clean-up
This script validates and cleans up reverse DNS (PTR) zones in a BIND-style DNS setup.
It ensures that configuration and zone files are consistent, removes Microsoft DNS timestamps, canonicalizes the zones, and logs all actions.
random_nsupdate
This script performs randomized dynamic DNS updates using the nsupdate utility.
It continuously generates random hostnames and IPv4 addresses and adds them to a specified DNS zone on a given server for a defined duration.
reverse_from_network
This script converts a list of IPv4 networks in CIDR notation into corresponding reverse DNS zones (in-addr.arpa).
It supports /8, /16, and /24 networks and generates a list of reverse zones.
server_prefix_groups
This Python script identifies DNS zones whose Primary/master servers fall into different naming groups, where a "group" is defined by the alpha-prefix (letters before the first digit in the server name).
sort_list_of_domains
This script processes and sorts a list of DNS zones.
It handles both forward zones (e.g. example.com) and reverse zones in CIDR notation (e.g. 192.168.1.0/24).
Reverse zones are converted into the correct in-addr.arpa format, and the combined list of zones is sorted hierarchically by domain labels.
The cleaned, normalized, and sorted list is written to a result file.
split_horizon_dns
This script compares two BIND configuration files (named.conf style) to identify zones defined in both files.
It then extracts and compares zone details, highlighting when the zone type (e.g., master, slave, stub, forward) matches between the two.
zone_version_diff
This Python script compares multiple versions of DNS zone files in a directory.
It groups zone files by filename prefix, parses records with dnspython, and performs pairwise diffs between versions.
zones_from_dotted_hosts
These two scripts work together to analyze and split DNS zone files into subzones.
check_dhcp-options
This script validates a Microsoft DHCP XML export and checks whether each DHCP scope has all critical DHCP options defined.
It reports any missing options per scope.
count_active_leases
This script parses the ISC DHCP leases file and counts:
- Active leases (unique IPs)
- Active clients (unique MAC addresses)
dhcp-xml_review
This Python script parses a Microsoft DHCP XML export and generates multiple structured CSV files for analysis.
It extracts server-wide options, scopes, reservations, and class assignments (VendorClass/UserClass).
dhcpd_subnet-list
This script extracts all subnet definitions from an ISC DHCP configuration file (dhcpd.conf) and exports them into a CSV file.
It includes the subnet address, subnet mask, and CIDR notation.
dhcpd-conf_review
Parses an ISC DHCPD configuration file (dhcpd.conf) and exports structured CSVs: Scopes (subnets / shared-networks),
Reservations (hosts) and Options (global, scope, host). Columns use number|name when a DHCP option number is known (e.g., 6|domain_name_servers).
extract_ms-dhcp_macs
This script extracts MAC-to-IP mappings from a Microsoft DHCP Server XML export.
It generates a complete list of all MACs and their associated IPs and a filtered list showing only MACs with multiple IPs.
gen_opt-119
Encodes a list of domain search suffixes into the RFC 3397 binary format used for DHCP option 119 (“Domain Search List”).
Supports standard compact hex output as well as Microsoft DHCP “Byte Array” format (for manual entry in the DHCP MMC).
get_vendor-classes
This script analyzes a Microsoft DHCP XML export and extracts information about Vendor Classes and their DHCP options.
check_xmls
This script scans a given directory for .zip files and verifies whether each contains expected DHCP and DNS XML configuration files (*_dhcp.xml, *_dns-config.xml).
It logs missing files and errors into separate CSV reports.
get_ldap_groups
A Perl script that connects to an LDAP/Active Directory server, searches for a given user, and prints all groups (memberOf) the user belongs to.
ib_onedb_overview
Parses an Infoblox OneDB XML export (onedb.xml) and generates CSV summaries for DNS zones (zone type, primaries, forwarders, AD integration, Dynamic DNS settings) and DHCP configuration (networks, ranges, reservations, custom DHCP options). Zones are grouped by DNS view and can be filtered or split per view.
jumper
Interactive SSH helper script that allows you to select a server from a list and connect to it.
It validates input, checks connectivity, and logs all actions. Useful as a "jumper" or "bastion" tool for quickly connecting to servers from a predefined inventory.
parse_ms-dns_xml
Parses a Microsoft DNS XML export file and extracts a quick overview of a single server's configuration. Extracts Server name, Zone names, Master server IPs, and Global forwarders. Intended as a lightweight helper script for analyzing a single XML file.
qip_named_normalizer
This script prepares a QIP-exported BIND/named configuration file for validation and normalization.
QIP configurations often include unsupported or environment-specific directives that can break named-checkconf.
The script filters those directives, then generates a fully expanded normalized configuration.
qip_overview
Generates a compact, operator‑friendly overview of a QIP export (QEF files). It parses the export directory and writes CSV overviews for zones, subnets (v4/v6), ranges, and more.
DHCP pools and reservations are derived directly from obj_prof.qef to match production behavior, with numeric sorting and CIDR‑aware metadata.
run_all_servers
This script automates running SSH commands or performing SCP file transfers across multiple servers from a list.
It supports batch execution with optional parallelization, input validation, and logging.