
How to Change DNS Address Remotely with PowerShell




May 10, 2019

Sometimes you need to update the DNS settings on multiple computers. Instead of doing this manually, one machine at a time, you can automate it and do it in one go from a plain PowerShell script. It's simple but very effective. This article shows how to remotely change DNS settings.

If you administer DNS on Windows Server systems, you may have heard of Dnscmd, a powerful command-line tool that can perform almost any DNS management task. Without detracting from the merits of Dnscmd, I am pleased to announce that DNS administrators have now gained new support in the form of 100 PowerShell commands. In this article I will talk about three of them, and also give an example of how one simple, powerful PowerShell tool can be made even more powerful.

1. What Version of Windows Server Do You Need to Use 100 New Commands

I have not had time to try out the entire hundred, but, as far as I can tell, to use them against Windows Server 2008 R2 it is enough to have a Windows 8 workstation that is joined to the domain and has the Remote Server Administration Tools (RSAT) for Windows 8 installed. To display a list of the 100 DNS commands, use the following command:

get-command *-dnsserver*

If you are running Windows Server 2012, then simply install the built-in DNS management tools, and the DNS commands will be at your disposal.

2. Familiarity with PowerShell Command Blocks Get and Add

As you have probably guessed, the best way to get familiar with a family of PowerShell commands is to start by testing the Get- commands. Get-DnsServerEDns reports whether the DNS server has DNS extensions enabled (I have them enabled). Get-DnsServerRecursion tells you whether a server accepts DNS requests for zones that do not exist on that server. Suppose I ask a local DNS server that serves AD for the resource www.microsoft.com. The local DNS server does not host the public Microsoft zone, and it will query Internet servers for that name only if recursion is enabled.

Why is this feature useful? Unfortunately, in recent years the number of attempts to use DNS servers in malicious distributed denial of service (DDoS) attacks has greatly increased, forcing administrators to disable recursion on DNS servers (it is enabled by default). In such cases it is useful to be able to check the setting on a DNS server, and PowerShell remoting is an excellent way to do so. For example, if there are five DNS servers D1, D2, D3, D4 and D5, a simple report on their recursion status can be displayed using the command:

invoke-command -computername d1,d2,d3,d4,d5 -scriptblock {get-dnsserverrecursion|select pscomputername,enable}

The -ScriptBlock parameter takes, inside braces, the command that the remote computers should execute. In this case the braces contain a DNS command followed by a Select statement that outputs the name of the computer on which the command ran, as well as the result.
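An added example (not from the original article) that extends the recursion report above: it queries each server through the -ComputerName parameter of Get-DnsServerRecursion, keeps servers that cannot be queried in the report instead of stopping, and lists those that still accept recursive queries. The server names d1 to d5 are the article's placeholders, and the function name Get-DnsRecursionReport is hypothetical.

```powershell
# Added example: recursion audit for a list of DNS servers.
# Requires the DnsServer module (RSAT DNS tools) on the machine running it.
function Get-DnsRecursionReport {
    param(
        [Parameter(Mandatory)]
        [string[]] $ComputerName
    )

    foreach ($server in $ComputerName) {
        try {
            # -ErrorAction Stop turns a failed query into a catchable error
            $r = Get-DnsServerRecursion -ComputerName $server -ErrorAction Stop
            [pscustomobject]@{
                Server           = $server
                Queried          = $true
                RecursionEnabled = $r.Enable
                SecureResponse   = $r.SecureResponse
                Error            = $null
            }
        }
        catch {
            # Keep unreachable servers in the report so gaps stay visible
            [pscustomobject]@{
                Server           = $server
                Queried          = $false
                RecursionEnabled = $null
                SecureResponse   = $null
                Error            = $_.Exception.Message
            }
        }
    }
}

$report = Get-DnsRecursionReport -ComputerName d1, d2, d3, d4, d5
$report | Format-Table -AutoSize

# Servers that still answer recursive queries and should be reviewed
$report | Where-Object { $_.RecursionEnabled } | Select-Object -ExpandProperty Server

# To disable recursion on a server that does not need it (left commented out):
# Set-DnsServerRecursion -ComputerName d1 -Enable $false
```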

In Server 2012, one of the time-saving DNS commands is Add-DnsServerSecondaryZone. I discovered it while setting up a new DNS server as a secondary server for a specific group of DNS zones. Setting up a secondary DNS server for an existing domain using the graphical interface or Dnscmd is a trivial task. As it turned out, you can configure the secondary DNS server for the bigfirm.com domain, with the primary server at IP address 71.23.1.5, and save the zone data to the text file bigfirm.com.dns using the following command:

Add-DnsServerSecondaryZone -Name bigfirm.com -ZoneFile "bigfirm.com.dns" -MasterServers 71.23.1.5

I assumed that the same could be done for seven domains at once, since it is enough to change the name of the zone in two places. First, I saved the domain names into an array, which is a comma-separated list of names in quotes:

$zones="bigfirm.com","minasi.com","mmco.com","pungogrill.com","thesoftwareconspiracy.com","softwareconspiracy.com","steadierstate.com"

Then, using the pipeline and the ForEach-Object command, I passed the name of each zone to the Add-DnsServerSecondaryZone command through the built-in variable $_, which holds whatever is currently in the pipeline:

$zones | ForEach-Object { Add-DnsServerSecondaryZone -Name $_ -ZoneFile "$($_).dns" -MasterServers 71.23.1.5 }

It worked right away.

3. Example of Simple Script to Set the DNS Server IP Addresses on a Network Card Based on Its Name

Click Start, type PowerShell, and then click Windows PowerShell.

To change DNS settings, run PowerShell as Administrator.

Enter this simple script to remotely change DNS settings:

function Set-DnsServerIpAddress {
    param(
        [string]   $ComputerName,
        [string]   $NicName,
        # Array type, so that several addresses arrive as separate values
        [string[]] $IpAddresses
    )
    # Only attempt the change if the computer answers ping
    if (Test-Connection -ComputerName $ComputerName -Count 2 -Quiet) {
        Invoke-Command -ComputerName $ComputerName -ScriptBlock {
            param ($ComputerName, $NicName, $IpAddresses)
            Write-Host "Setting on $ComputerName on interface $NicName a new set of DNS Servers $IpAddresses"
            Set-DnsClientServerAddress -InterfaceAlias $NicName -ServerAddresses $IpAddresses
        } -ArgumentList $ComputerName, $NicName, $IpAddresses
    } else {
        Write-Host "Can't access $ComputerName. Computer is not online."
    }
}

Usage Is Simple

# $ServerName: the target computer (set as you need)
# "Service*": the name of the network card (takes a wildcard)
# IpAddresses: the DNS server addresses, each in quotes and separated by commas
Set-DnsServerIpAddress -ComputerName $ServerName -NicName "Service*" -IpAddresses '8.8.8.8','8.8.4.3','8.8.8.2'
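A verification step for the change above, added here as an example rather than taken from the original article: it reads back the IPv4 DNS servers on the matching interfaces of each computer and compares them, in order, with the list that was supposed to be set. The function name Test-DnsClientServerAddress and the computer names pc01 and pc02 are hypothetical; the addresses are the ones from the usage line.

```powershell
# Added example: confirm that remote NICs use exactly the intended DNS servers.
function Test-DnsClientServerAddress {
    param(
        [Parameter(Mandatory)] [string[]]    $ComputerName,
        [Parameter(Mandatory)] [string]      $NicName,    # wildcard, as in the article
        [Parameter(Mandatory)] [ipaddress[]] $Expected    # must parse as IP addresses
    )

    $want = $Expected | ForEach-Object { $_.IPAddressToString }

    foreach ($computer in $ComputerName) {
        try {
            $nics = Invoke-Command -ComputerName $computer -ErrorAction Stop -ScriptBlock {
                param($NicName)
                Get-DnsClientServerAddress -InterfaceAlias $NicName -AddressFamily IPv4
            } -ArgumentList $NicName
        }
        catch {
            # An unreachable computer is reported as non-compliant, not skipped
            [pscustomobject]@{ Computer = $computer; Interface = $null
                               Current = $null; Compliant = $false
                               Note = $_.Exception.Message }
            continue
        }

        foreach ($nic in $nics) {
            $have = @($nic.ServerAddresses)
            # Order matters: the first entry is the preferred resolver
            $same = ($have -join ',') -eq ($want -join ',')
            [pscustomobject]@{
                Computer  = $computer
                Interface = $nic.InterfaceAlias
                Current   = $have -join ','
                Compliant = $same
                Note      = if ($same) { 'ok' } else { "expected $($want -join ',')" }
            }
        }
    }
}

# Show only the interfaces that do not match the intended resolver list
Test-DnsClientServerAddress -ComputerName pc01, pc02 -NicName 'Service*' `
    -Expected '8.8.8.8', '8.8.4.3', '8.8.8.2' |
    Where-Object { -not $_.Compliant } | Format-Table -AutoSize
```

Run on a schedule against the same list, the non-compliant rows also surface resolver settings that changed outside the script.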

Consider Using Action1 to Remotely Change DNS Settings if:

  • You need to run PowerShell commands on multiple computers simultaneously.
  • You have remote employees with computers not connected to your corporate network.

Action1 is a cloud-based remote monitoring and management software encompassing tools such as automated patch management, software deployment, remote desktop, software/hardware inventory, and endpoint management.
