Change DNS in a script



Here is the situation. We have 4 DNS servers where I work, 2 Linux (seen by the world) & 2 Windows (behind our firewall).

DNS Servers (Not actual IPs)

Linux DNS1 10.0.0.1

Linux DNS2 10.0.0.2

Windows DNS1 10.0.0.3

Windows DNS2 10.0.0.4

We only recently set up the Windows DNS (when we decided to start using SMS 2003). Some of the client machines are pointing to the Linux DNS only. We need all the machines to point to the Windows DNS. We can't use a script to change the DNS settings for all devices to a specific IP because we have many users with laptops that have multiple settings (i.e. one setting for home and one for work).

We need a script that can change the address of the DNS if it matches a given IP.

Example:

If (Local Area Connection DNS1 = 10.0.0.1)

Then set DNS1 = 10.0.0.3

I have done many hours of research on the web and found many ways to set the DNS on all Local Area Connections but as I stated this is not what we need. Any help would be greatly appreciated. Please let me know if you need further info.

I would prefer a script that can run remotely for each machine but one that can be used in a login script would work as well.


Huh???

This is why you would use DHCP... Machine is at work -- DHCP hands out DNS it should use.. User takes machine home.. Their router's DHCP hands out DNS to use, or their ISP does..

Use DHCP -- solve all your problems.

As to a script way of changing clients to dhcp vs static, or changing their dns.. netsh is what you're looking for..

http://www.microsoft.com/resources/documen...n-us/netsh.mspx

Using Netsh

example

netsh interface ip set dns "Local Area Connection" static 192.168.0.200

here -- quick little run through for you;

C:\>netsh interface ip show config

Configuration for interface "Local Area Connection"
    DHCP enabled:                         Yes
    InterfaceMetric:                      0
    DNS servers configured through DHCP:  10.40.0.218
                                          10.40.0.219
    WINS servers configured through DHCP: 10.40.0.233
    Register with which suffix:           Primary only

C:\>netsh interface ip set dns "Local Area Connection" static 192.168.0.200
Ok.

C:\>netsh interface ip show config

Configuration for interface "Local Area Connection"
    DHCP enabled:                         Yes
    InterfaceMetric:                      0
    Statically Configured DNS Servers:    192.168.0.200
    WINS servers configured through DHCP: 10.40.0.233
    Register with which suffix:           Primary only

C:\>netsh interface ip set dns "Local Area Connection" dhcp
Ok.

C:\>netsh interface ip show config

Configuration for interface "Local Area Connection"
    DHCP enabled:                         Yes
    InterfaceMetric:                      0
    DNS servers configured through DHCP:  10.40.0.218
                                          10.40.0.219
    WINS servers configured through DHCP: 10.40.0.233
    Register with which suffix:           Primary only

Edited by BudMan

Forgive me if I am showing some ignorance here, but can you not bring up your Windows servers with the IP addresses that your Linux servers are currently using? Doing all the work at the server end, and making it transparent to the clients seems to be the best option to me.

  markjensen said:

Forgive me if I am showing some ignorance here, but can you not bring up your Windows servers with the IP addresses that your Linux servers are currently using? Doing all the work at the server end, and making it transparent to the clients seems to be the best option to me.

We cannot; the IPs being used by the Linux servers are what is registered with the world, and some of the internal machines need direct access to those servers. We do not want our private DNS servers to become our public servers for security and other reasons.

BudMan, the problem with netsh in a script is that I would have to assume all the connections are "Local Area Connection" when some are that and others are "Local Area Connection 2", "Local Area Connection 3", etc.

I know the command can show me which connection I want but I need to capture that data in an automated process.

We have 2000+ clients and checking to see which "Local Area Connection" to use manually would be intensive at best.

Edited by xploit1030
  xploit1030 said:

We cannot use DHCP for many reasons that I won't bother going into here. Keep in mind some government organizations are required to use static IPs.

See my edit - I gave you the commands even.. netsh is how you would configure dns from the commandline, or script.. etc..

edit:

You can use whatever the name of the connection is in the command/script.... have your script look to what the name of the connections are.. then use that name when you make the change.. It's not freaking rocket science for gosh sake..

So you hint that you're a gov office and you're forced to use static IPs?? Where is this requirement?? I would be curious to read it -- its a gov office, then the requirements for security should be public -- should they not? Would reservations in dhcp not be an option?

Making mass changes to machines tcp/ip settings.. be it address mask, dns wins, etc... all kinds of other options you might want/need your clients to use is what dhcp is all about.. If you can not use that -- I would really look to why.. my guess is the guy before you did not have a clue to what he was doing ;) And you're just stuck with the same mess -- Fix it!

Managing network settings for a large group of machines is what dhcp is meant to do.. sounds like you have a large group of machines.. you should be using dhcp.. If not guess you better get busy walking around to each machine ;) or you could do it all from your desk using netsh..

Sounds like it sucks to be you :rofl:

here maybe some of this will help..

http://www.microsoft.com/technet/scriptcen...tnc_remote.mspx

Automating TCP/IP Networking on Clients

Part 3: Scripting Remote Network Management

http://www.microsoft.com/technet/scriptcen...5_atnc_dns.mspx

Automating TCP/IP Networking on Clients

Part 5: Scripting DNS on Clients

Edited by BudMan

Well...I have a suggestion...

I *believe* WMI scripting in a vbscript will allow you to do this...ASSUMING all the network connections are named "Local Area Connection" followed by something, you could do a WMI query for all the adapters on the computer, and add an AND conditional that matches the IP you're looking to change... (you can use the % operator as a wildcard with the LIKE operator in the WMI query). Then, you could change it via the object.Put_ method (I think).

I don't have time to write a script for you, but that might point you in the right direction (sorry if I'm wrong here...seems like I did something like this once for work).

  Kasandoro said:

Well...I have a suggestion...

I *believe* WMI scripting in a vbscript will allow you to do this...ASSUMING all the network connections are named "Local Area Connection" followed by something, you could do a WMI query for all the adapters on the computer, and add an AND conditional that matches the IP you're looking to change... (you can use the % operator as a wildcard with the LIKE operator in the WMI query). Then, you could change it via the object.Put_ method (I think).

I don't have time to write a script for you, but that might point you in the right direction (sorry if I'm wrong here...seems like I did something like this once for work).

This is more along the lines of what I was already working on. I found how to set a new IP, I just couldn't find a way to see the current DNS entry (a query).

  MazX_Napalm said:

Not even 2 minutes on Google and ......

Automating TCP/IP Networking on Clients

Part 5: Scripting DNS on Clients

http://www.microsoft.com/technet/scriptcen...5_atnc_dns.mspx

:rofl: I had posted that just before you did ;) Did not take anywhere close to 2 minutes.. like 5 seconds.. ;) First search, first page..


I appreciate the help even though you felt it was necessary to include the sarcasm.

Because the example didn't do exactly what I wanted (even though I too had found that exact article) I was hoping someone else had already run into the same problem but I guess posting questions leaves me open to ridicule.

It required a small amount of modification to get it working for my specific needs so I threw in a portion to change the settings for all machines in an OU (much better than 1 machine at a time).

I made two scripts: one will change the DNS and DNS suffix settings on a single machine, the other on an OU or array of OUs.

' Update DNS servers and DNS suffix on every computer in the listed OUs.
' Only adapters whose DNS list contains one of the old servers are changed.
OUS = Array("OU=Workstations,DC=neowin,DC=net", _
 "OU=TestOU,DC=neowin,DC=net")

strDNSDomain = "neowin.net"
strOldDNSServer1 = "192.168.0.2"
strOldDNSServer2 = "192.168.0.3"
' Replacement is positional: an old server at index i becomes entry i of this list
arrNewDNSServerSearchOrder = Array("192.168.0.4", _
 "192.168.0.5", "192.168.0.2", "192.168.0.3")

On Error Resume Next

For Each OU In OUS

Set objOU = GetObject("LDAP://" & OU)
objOU.Filter = Array("Computer")
strFailed = ""

For Each objItem In objOU

strComputer = objItem.CN

' Reset the connection so an unreachable machine does not reuse the previous one
Set objWMIService = Nothing
Err.Clear
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

If Err.Number <> 0 Or objWMIService Is Nothing Then
  strFailed = strFailed & " " & strComputer
Else
  Set colNicConfigs = objWMIService.ExecQuery _
   ("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")

  For Each objNicConfig In colNicConfigs
    arrDNSServerSearchOrder = objNicConfig.DNSServerSearchOrder
    blnFound = False
    ' Adapters with no DNS servers configured return Null
    If Not IsNull(arrDNSServerSearchOrder) Then
      For i = 0 To UBound(arrDNSServerSearchOrder)
        ' Skip positions beyond the end of the replacement list
        If i <= UBound(arrNewDNSServerSearchOrder) Then
          If arrDNSServerSearchOrder(i) = strOldDNSServer1 Or _
            arrDNSServerSearchOrder(i) = strOldDNSServer2 Then
            arrDNSServerSearchOrder(i) = arrNewDNSServerSearchOrder(i)
            blnFound = True
          End If
        End If
      Next
    End If
    If blnFound Then
      retSetDNS = objNicConfig.SetDNSServerSearchOrder(arrDNSServerSearchOrder)
      intSetDomain = objNicConfig.SetDNSDomain(strDNSDomain)
      ' 0 = success, 1 = success with reboot required; anything else failed
      If retSetDNS > 1 Or intSetDomain > 1 Then
        strFailed = strFailed & " " & strComputer
      End If
    End If
  Next
End If

Next

WScript.Echo "Finished updating DNS settings for the computers in " & _
 OU & " as of: " & Now() & ". Failed or unreachable:" & strFailed

Next

Now the single computer version

' Update DNS servers and DNS suffix on a single computer ("." = local machine).
' Only adapters whose DNS list contains one of the old servers are changed.
On Error Resume Next

strComputer = "."
strDNSDomain = "neowin.net"
strOldDNSServer1 = "192.168.0.2"
strOldDNSServer2 = "192.168.0.3"
' Replacement is positional: an old server at index i becomes entry i of this list
arrNewDNSServerSearchOrder = Array("192.168.0.4", _
 "192.168.0.5", "192.168.0.2", "192.168.0.3")
strFailed = ""

Set objWMIService = Nothing
Set objWMIService = GetObject("winmgmts:" _
 & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

If Err.Number <> 0 Or objWMIService Is Nothing Then
  strFailed = " could not connect"
Else
  Set colNicConfigs = objWMIService.ExecQuery _
   ("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")

  For Each objNicConfig In colNicConfigs
    arrDNSServerSearchOrder = objNicConfig.DNSServerSearchOrder
    blnFound = False
    ' Adapters with no DNS servers configured return Null
    If Not IsNull(arrDNSServerSearchOrder) Then
      For i = 0 To UBound(arrDNSServerSearchOrder)
        ' Skip positions beyond the end of the replacement list
        If i <= UBound(arrNewDNSServerSearchOrder) Then
          If arrDNSServerSearchOrder(i) = strOldDNSServer1 Or _
            arrDNSServerSearchOrder(i) = strOldDNSServer2 Then
            arrDNSServerSearchOrder(i) = arrNewDNSServerSearchOrder(i)
            blnFound = True
          End If
        End If
      Next
    End If
    If blnFound Then
      retSetDNS = objNicConfig.SetDNSServerSearchOrder(arrDNSServerSearchOrder)
      intSetDomain = objNicConfig.SetDNSDomain(strDNSDomain)
      ' 0 = success, 1 = success with reboot required; anything else failed
      If retSetDNS > 1 Or intSetDomain > 1 Then
        strFailed = strFailed & " " & objNicConfig.Description
      End If
    End If
  Next
End If

WScript.Echo "Finished updating DNS settings for Computer: " & _
 strComputer & " as of: " & Now() & ". Failures:" & strFailed
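
A value-based variant of the replacement logic in the two scripts above, as an added example that is not part of the original post: each old server is swapped for its mapped replacement wherever it appears in an adapter's list, other entries are kept in order, and `-WhatIf` gives a dry run. It uses the same Win32_NetworkAdapterConfiguration class through PowerShell's CIM cmdlets; the function names and the address map (built from the sample addresses in the scripts) are assumptions.

```powershell
# Added example (not from the thread). Old -> new DNS map; the addresses are
# the sample values used in the scripts above.
$DnsMap = @{
    '192.168.0.2' = '192.168.0.4'
    '192.168.0.3' = '192.168.0.5'
}

# Pure function: swap mapped servers by value, keep every other entry in
# order, and drop duplicates that the swap may create.
function Get-ReplacedDnsList {
    param(
        [string[]]$Current,
        [hashtable]$Map
    )
    $result = New-Object System.Collections.Generic.List[string]
    foreach ($server in $Current) {
        $target = if ($Map.ContainsKey($server)) { $Map[$server] } else { $server }
        if (-not $result.Contains($target)) { $result.Add($target) }
    }
    return ,$result.ToArray()
}

function Update-DnsServerOrder {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [hashtable]$Map = $DnsMap,
        [string]$ComputerName          # omit for the local machine
    )
    $query = @{
        ClassName = 'Win32_NetworkAdapterConfiguration'
        Filter    = 'IPEnabled = True'
    }
    if ($ComputerName) { $query.ComputerName = $ComputerName }

    foreach ($nic in (Get-CimInstance @query)) {
        $current = $nic.DNSServerSearchOrder
        # Adapters without DNS servers, or without an old server, are left alone
        if (-not $current) { continue }
        if (-not ($current | Where-Object { $Map.ContainsKey($_) })) { continue }

        $updated = Get-ReplacedDnsList -Current $current -Map $Map
        $change  = '{0} -> {1}' -f ($current -join ','), ($updated -join ',')

        if ($PSCmdlet.ShouldProcess($nic.Description, "Set DNS $change")) {
            $r = Invoke-CimMethod -InputObject $nic -MethodName SetDNSServerSearchOrder `
                -Arguments @{ DNSServerSearchOrder = $updated }
            # 0 = success, 1 = success but reboot required; anything else failed
            [pscustomobject]@{
                Computer = $nic.PSComputerName
                Adapter  = $nic.Description
                Change   = $change
                Return   = $r.ReturnValue
            }
        }
    }
}

# Dry run on the local machine: reports what would change, changes nothing
Update-DnsServerOrder -WhatIf
```

Because the swap is by value, a laptop's home DNS entry or any server not in the map passes through unchanged, and an adapter is only written to when one of the old servers is actually present.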

Dude, why don't you use reservations in DHCP? That will give the clients always the same address. Or does the government really require that it is put manually on every damn client?

Although I wouldn't be surprised, given all the pointless procedures some governments have. :no:

  Quote (Feb 23 2006, 20:01):

Dude, why don't you use reservations in DHCP? That will give the clients always the same address. Or does the government really require that it is put manually on every damn client?

Although I wouldn't be surprised, given all the pointless procedures some governments have. :no:

We could but we would have to input all those MAC addresses which would take a long time. I'll agree that it is a better alternative than static IPs but a pain in the butt to implement.

Unfortunately my bosses (as is almost always the case with the government) don't want us doing any huge projects like that as long as we can come up with workarounds like that script.

This is not the case on my network but I have worked with networks where DHCP is explicitly forbidden.

  xploit1030 said:

We could but we would have to input all those MAC addresses which would take a long time. I'll agree that it is a better alternative than static IPs but a pain in the butt to implement.

Unfortunately my bosses (as is almost always the case with the government) don't want us doing any huge projects like that as long as we can come up with workarounds like that script.

This is not the case on my network but I have worked with networks where DHCP is explicitly forbidden.

OK, first of all this is not a major project. This process can be largely automated. Given that you are starting to use SMS, get used to scripting. SMS is, next to AD/Exchange/SQL, one of the most powerful tools Microsoft has ever produced.

For instance, to put all reservations in MS DHCP, you could use the command dhcpcmd.exe which you will find in the Resource Kit.

All you have to do is generate a text file with the IP addresses and the MAC addresses.

Something like this...

dhcpcmd 10.0.0.1 addreservedip 10.0.1.0 10.0.1.150 001122334455

... will add an entry with MAC 001122334455 to DHCP server 10.0.0.1 with reserved ip 10.0.1.150 in the 10.0.1.x scope.

Now all you need to do is generate a list of mac addresses of all computers and run the script on your server to import everything in your server. If sms is already running on all clients you can simply get that info through sms. Otherwise let the clients dump the MAC address in a text file and put that in the DHCP import txt file.

If all this is over your head, get a consultant for a day who can help you. If your boss complains about the money, tell him that moving to DHCP will greatly simplify (a part of) the administration of your network and that it will save him money in the end.

  Quote (Feb 24 2006, 12:15):

OK, first of all this is not a major project. This process can be largely automated. Given that you are starting to use SMS, get used to scripting. SMS is, next to AD/Exchange/SQL, one of the most powerful tools Microsoft has ever produced.

For instance, to put all reservations in MS DHCP, you could use the command dhcpcmd.exe which you will find in the Resource Kit.

All you have to do is generate a text file with the IP addresses and the MAC addresses.

Something like this...

dhcpcmd 10.0.0.1 addreservedip 10.0.1.0 10.0.1.150 001122334455

... will add an entry with MAC 001122334455 to DHCP server 10.0.0.1 with reserved ip 10.0.1.150 in the 10.0.1.x scope.

Now all you need to do is generate a list of mac addresses of all computers and run the script on your server to import everything in your server. If sms is already running on all clients you can simply get that info through sms. Otherwise let the clients dump the MAC address in a text file and put that in the DHCP import txt file.

If all this is over your head, get a consultant for a day who can help you. If your boss complains about the money, tell him that moving to DHCP will greatly simplify (a part of) the administration of your network and that it will save him money in the end.

That is a great idea, and I'll take note of what you've done here but essentially I work for a bunch of monkeys afraid of change. It took me a year and a half to convince them of SMS. I've learned I have to pick my battles.

  BudMan said:

:blink: :blink: :blink: WTF have we been telling you from the start of this thread??? DHCP!! now its a great idea?? :rolleyes: :rofl:

You're right. You were one of the people that were quick to say "Just implement DHCP" to avoid answering my question.

I was thanking Komakino[bE] for his effort, he wasn't addressing my initial problem but my response to some other people's questions. DHCP is still not an option for my organization, but when the day comes that it is I will be better prepared for that switch.

  xploit1030 said:

You're right. You were one of the people that were quick to say "Just implement DHCP" to avoid answering my question.

Um -- not answering your question? What would you call this link in post 6 of this thread then??

http://www.microsoft.com/technet/scriptcen...5_atnc_dns.mspx

Automating TCP/IP Networking on Clients

Part 5: Scripting DNS on Clients

Sure looks like the scripts you posted came right out of that.. Not answering your question - yeah ok :rolleyes:

  Joel said:

Why not?

We cannot because, as much sense as it would make, no one person in my organization has the authority to implement it. It must be approved by a board. The aforementioned board has no technical expertise and has been known to ignore the advice of my Department. We have no configuration management, no IT director, and no central management of any kind.

All decisions made here are made by committee, that makes what should be simple actions taken by one person almost impossible to implement here.

We have in the past and could again easily present all the data I have been given here as well as many other supporting documents and it will get shot down because some researcher with no IT experience doesn't want it. Trying to explain to all these people how it will benefit them is an exercise in futility. They don't care how much easier or better it will make their jobs, or our jobs.

The day I leave this place will be a happy one, I only have a couple of years left. Until then I am forced to work within the confines that exist here.
