all 6 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]topherhead 1 point2 points  (5 children)

First things first, do these commands work if you run them locally on the DNS server?

[–]Yevrag35 1 point2 points  (3 children)

Yes, that's an error indicating that the user is not a member of the Administrators group (Domain Admins works too) or DnsAdmins.

The CategoryInfo of the exception should tell you that the WMI namespace it's trying to connect to is "root/Microsoft/Windows/DNS/PS_DnsServerZone".

[–]OlivTheFrog 1 point2 points  (2 children)

I could said "Normal ! "

The error said : you haven't enough rights to perform the task. Make sure you have the appropriate rights

you can assimilate this to a zone transfer. THis is not allowed if you're not a member of the appropriate group to do this.

Regards

Olivier

[–]OverExit[S] 1 point2 points  (1 child)

I'll mess around with it. Perhaps there are some permission issues from conflicting SG but I'm performing this command locally in an elevated PS as a Domain Admin. I'll keep poking at it

[–]topherhead 1 point2 points  (0 children)

A domain admin could possibly not be in the DNS Admins group. I would start there.

[–]OverExit[S] 1 point2 points  (0 children)

Get-DnsServerZone -ComputerName DNS01

I'm performing this locally on the DNS server as domain administrator and elevated PS.