Wow – There is something in the air today! For the second time, the boss has asked me a question and it wasn’t would I like more coffee. He asked me if there was an easy way of changing the secondary DNS server of all the computers in the network without having to log in to each machine!
BINGO! says our PowerShell guy, who is in fact me! Yes – this is actually stupidly easy to do! Let me show you! If I wasn’t lazy I would create an actual function like set-dnsserversforallcomputers. But I am lazy and I just needed to solve the problem quickly so I could return to my coffee!
First – to protect the innocent, I will use my Azure lab – which currently has a DC and an MS Exchange server. Not large scale – but enough to demo what I did to modify the DNS settings across the server estate.
Ok, the current adapter setting of my Exchange Server is
As you can see from the screenshot, the interface is DHCP – I’m lazy, and this is a very quick and dirty lab – but I have statically set the DNS servers, as you can see!
I used the old faithful get-netipaddress to just confirm the IP address as well.
get-netipaddress | select ipaddress
Now, in my mind the easiest way to do this is with WMI, no ifs, just a quick and dirty fix!!
So I am going to call the WMI class win32_networkadapterconfiguration. If we look at the MSDN page for this, we can see there are lots and lots of methods and properties for us to use
https://msdn.microsoft.com/en-us/library/windows/desktop/aa394217(v=vs.85).aspx
Now the best thing to do is to throw this into a variable, so that we can actually work with it, so our code will be
$nic = Get-WmiObject -Class win32_networkadapterconfiguration -ComputerName simexch
Just as proof I’m on a remote machine, I have included proof in the screenshot! Hate to be called a cheat and what not :) That would just make me grumpy.
If the MSDN page is far too boring for you, don’t forget we can do the old faithful method of doing a get-member on our new $nic object
$nic | get-member
As you can see, just like MSDN told us, there are plenty of methods to use! Right – which could be useful? But there are a lot, and Grumpy Admin is a lazy admin, so I don’t like to read!
So let’s modify our Get-Member statement to make it easier
$nic | gm -n *dns*
As you can see from the above code, Grumpy Admin is lazy – using aliases and not typing the whole -name out! Bah! These are cool little shortcuts you learn as you use PowerShell more and more!
The highlighted code, DNSServerSearchOrder – might be the property we are looking for! Let’s give it a try!
Excellent – as we can see there is a SETDNSServerSearchOrder which we can use to achieve our aim and save the day!
OK – so in my mind we should be able to just do the following to change the secondary DNS server to 8.8.4.4
$nic.SetDNSServerSearchOrder("10.0.0.4","8.8.4.4")
Let’s try that now! Errrr – what happened here? Confused.com – well not really let’s have a look!
I thought there would be two elements, representing the first DNS option and the second DNS option. But this method only wants one argument! This caught me out initially and took me like 10 seconds to figure out! Lack of coffee is my excuse. So we need to combine these into an array and send it to the method as one item!
A simple way to do this is like this
$nic.SetDNSServerSearchOrder(@("10.0.0.4","8.8.4.4"))
As you can see we get some output – boring – now let’s go back and do a confirmation exercise to see if our settings have stuck and we now have 8.8.4.4 as our secondary DNS server!
With the magic of the up key, we can repeat our WMI query and we can query the resulting $nic variable for the DNSServerSearchOrder
The results are in! – The DNS server has been changed! However, I did this fix at 10:20 this morning on the production network, moving stuff to the new DNS server, and I wasn’t even allowed a POETS day. This makes me exceptionally GRUMPY! But the takeaway point is the fix worked and saved us lots of logging on and changing stuff, as you know that’s how we would have done it prior to PowerShell! So no reward! BAH! PowerShell still saved the day!
And for the final confirmation, let’s check the server out
Perfect, we changed the secondary DNS server remotely
Now let’s scale this up as I did in my production estate where I used this today, we have lots of servers to do after all!
So let’s all have a think, where, oh where, can we get a list of servers in our domain so that we can perform actions on them one by one……I once heard there was this technology out there called…. Active Directory or something like that…
Well, let’s import the AD module and do some magic!
Import-Module ActiveDirectory
and then let’s use the old fav cmdlet, which I am sure you have all seen and used before as a staple in PowerShell AD administration –
get-adcomputer -filter *
So we can actually use it, let’s throw the results into a variable like $domaincomputers
$domaincomputers = Get-AdComputer -filter *
Now let’s do a tried and tested method of dealing with these objects one by one… the old-fashioned – FOREACH LOOP! So this will be my code.
foreach ($computer in $domaincomputers) {
    # Query the NIC configuration on each machine, then set primary and secondary DNS
    $nic = Get-WmiObject -Class win32_networkadapterconfiguration -ComputerName $computer.DNSHostname
    $nic.SetDNSServerSearchOrder(@("10.0.0.4","8.8.4.4"))
}
I will just cut and paste that in and run it…….
WTF!!!! I just lost connection to my AZURE LAB! What is going on, grumpy admin fucked up big style here maybe – I guess Azure VMs don’t really like that – But trust me when I say it worked on my production, no issues…. I might expect a short disconnection while the adapter updates, but dropping RDP and then not allowing a reconnection seems heavy and wrong to me!
umm what is going on – So I log in to my Azure portal and restart the VM – nothing – let’s give it another try – Still failing to connect via ip and port. Right, let’s just give it a public DNS name and try that. Clutching at straws to be honest.
Freaking ODD! Give it a public DNS name and I can connect to it again! Meh! Looks like we were just unlucky with the Azure cloud in this instance, might try and replicate the issue later but meh! I am very lazy – but as you can see from this screenshot….
The adapter DNS server was changed to 8.8.4.4, so success, the simple foreach loop worked! A minor blip, but I am happy with the results! I know the method works as I did it this morning!
Now there are things to consider: what happens if there is more than one network adapter on a machine? You might want to check and loop through the adapters and handle that! – but the answer to my boss’s question was YES and actually quite simply – Thank you Grumpy Admin, and the answer to my question can I go home now was sadly a NO :( MEAN!!!!
Hazzy
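The multiple-adapter caveat above, handled in an added example (not the author's code): it touches only IP-enabled adapters that already have a DNS list, keeps each adapter's existing primary server, reports the WMI return value, and supports -WhatIf so the change can be previewed before it reaches the whole estate. The function name Set-SecondaryDnsServer and the OperatingSystem filter are assumptions; 8.8.4.4 is the value used in the post.

```powershell
# Added example (hypothetical function name). Needs Windows PowerShell,
# where Get-WmiObject is available, and the ActiveDirectory module.
function Set-SecondaryDnsServer {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)][string[]]$ComputerName,
        [Parameter(Mandatory = $true)][ipaddress]$SecondaryDns
    )
    foreach ($name in $ComputerName) {
        try {
            # Only IP-enabled adapters; disconnected or stub adapters are skipped.
            $nics = Get-WmiObject -Class Win32_NetworkAdapterConfiguration `
                -ComputerName $name -Filter 'IPEnabled = TRUE' -ErrorAction Stop
        } catch {
            Write-Warning "$name : WMI query failed: $($_.Exception.Message)"
            continue
        }
        foreach ($nic in $nics) {
            # Leave adapters that have no DNS server list alone.
            if (-not $nic.DNSServerSearchOrder) { continue }
            $current = @($nic.DNSServerSearchOrder)
            # Keep this adapter's existing primary, replace only the secondary.
            $new = @($current[0], $SecondaryDns.IPAddressToString)
            if ($PSCmdlet.ShouldProcess("$name / $($nic.Description)",
                    "DNS $($current -join ',') -> $($new -join ',')")) {
                $result = $nic.SetDNSServerSearchOrder($new)
                # ReturnValue 0 = success, 1 = success but reboot required.
                [pscustomobject]@{
                    Computer    = $name
                    Adapter     = $nic.Description
                    Before      = $current -join ','
                    After       = $new -join ','
                    ReturnValue = $result.ReturnValue
                }
            }
        }
    }
}

# Dry run against server operating systems only (filter is an assumption).
$servers = Get-ADComputer -Filter 'OperatingSystem -like "*Server*"' -Properties OperatingSystem |
    Where-Object DNSHostName
Set-SecondaryDnsServer -ComputerName $servers.DNSHostName -SecondaryDns 8.8.4.4 -WhatIf
```

Drop -WhatIf to apply the change; the returned objects give a before/after record per adapter that can be exported as an audit trail.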