11 May 2010

Script: Change DNS settings on servers in AD

I had a customer where new DNS servers were set up (that is, new DCs with AD-integrated DNS). To change the DNS server settings on the NIC facing the production network on all servers in the domain, I wrote this script.

Using RootDse, no domain name is hardcoded.
The script checks AD for servers,
then it checks all NICs on each server to see whether any DNS settings match the IPs given in the strings strODNS1 and strODNS2.
If a match is found, the DNS settings are changed to the IPs given in strNDNS1 and strNDNS2.
The same is done for the WINS settings.
A log file, DNS.TXT, is created, listing server names and the changes made.
-------------------------------------------------------------------------------

'Change DNS and WINS on NICs

'
On Error Resume Next

'Old settings
strODNS1="192.168.1.19"
strODNS2="192.168.1.10"
strOWins1="192.168.1.19"
strOWins2="192.168.1.10"

'New settings
strNDNS1="192.168.1.19"
strNDNS2="192.168.1.100"
strNWins1="192.168.1.19"
strNWins2="192.168.1.100"

Const ADS_SCOPE_SUBTREE = 2
Const strLogFile = "DNS.TXT"
Const ForReading = 1, ForWriting = 2, ForAppending = 8
Dim fso, f

'Delete log file if it exists
Set fso = CreateObject("Scripting.FileSystemObject")
if fso.FileExists(strLogFile) then
   fso.DeleteFile strLogFile
end if

WriteLog "Started: " & date
WriteLog " "

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
Set RootDse = GetObject( "LDAP://RootDse" )
strADSPath = "LDAP://" & RootDse.get( "DefaultNamingContext" )

objCommand.CommandText = "Select Name,operatingSystem from '" & strADSPath & "' Where objectClass='computer' and OperatingSystem='*server*'"

objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst

Do Until objRecordSet.EOF
   objServer = objRecordSet.Fields("Name").Value
   wscript.echo "Checking server: " & objServer
   WriteLog "Checking server: " & objServer
   'objOS = objRecordset.Fields("OperatingSystem").value
   'wscript.echo objOS

   strComputer = objServer
   'Reset the WMI objects so a failed connection cannot reuse the previous server's data
   Set objWMIService = Nothing
   Set colAdapters = Nothing
   Err.Clear
   Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")

   If Err.Number <> 0 Then
      'With On Error Resume Next active, an unreachable server must be logged explicitly
      WriteLog " - could not connect with WMI, error " & Err.Number
      Err.Clear
   Else
      Set colAdapters = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")

      For Each objAdapter in colAdapters
         If Not IsNull(objAdapter.IPAddress) Then
            For i = 0 To UBound(objAdapter.IPAddress)
               'WScript.Echo " IP address: " & objAdapter.IPAddress(i)
               'WriteLog " IP: " & objAdapter.IPAddress(i)
            Next
         End If

         If Not IsNull(objAdapter.DNSServerSearchOrder) Then
            For i = 0 To UBound(objAdapter.DNSServerSearchOrder)
               'WScript.Echo " DNS " & objAdapter.DNSServerSearchOrder(i)
               'WriteLog " DNS " & objAdapter.DNSServerSearchOrder(i)
               if (objAdapter.DNSServerSearchOrder(i) = strODNS1) or (objAdapter.DNSServerSearchOrder(i) = strODNS2) then
                  'Return code 0 = success, 1 = success but reboot required
                  intRet = objAdapter.SetDNSServerSearchOrder(Array(strNDNS1, strNDNS2))
                  WriteLog " - dns settings changed ... (return code " & intRet & ")"
                  'One match is enough; the whole search order has been replaced
                  Exit For
               end if
            Next
         End If

         'WriteLog " WINS1: " & objAdapter.WINSPrimaryServer
         'WriteLog " WINS2: " & objAdapter.WINSSecondaryServer
         if (objAdapter.WINSPrimaryServer = strOWins1) or (objAdapter.WINSPrimaryServer = strOWins2) then
            intRet = objAdapter.SetWINSServer(strNWins1, strNWins2)
            WriteLog " - WINS settings are changed... (return code " & intRet & ")"
         end if
      Next
   End If

   WriteLog " "
   objRecordSet.MoveNext
Loop

Function WriteLog(aStr)
   Set fso = CreateObject("Scripting.FileSystemObject")
   Set f = fso.OpenTextFile(strLogFile, ForAppending, True)
   f.WriteLine aStr
   f.Close
   Set f = Nothing
   Set fso = Nothing
End Function
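
A read-only follow-up check, added here as an example and not part of the original script: it runs the same AD query, lists adapters that still reference a retired DNS server, and names the servers WMI could not reach. The variable names and the arrOld list are assumptions; 192.168.1.10 is the sample address above that appears in the old settings but not in the new ones.

```vbscript
'Read-only audit: makes no changes, only reports stale DNS entries and unreachable servers
Option Explicit
Const ADS_SCOPE_SUBTREE = 2
Dim arrOld, objConn, objCmd, objRS, objRoot, objWMI, colNics, objNic
Dim strServer, strIP, strOld, intStale, intFailed
'Assumption: addresses of the DNS servers being retired (sample value from the script above)
arrOld = Array("192.168.1.10")

Set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
Set objCmd = CreateObject("ADODB.Command")
Set objCmd.ActiveConnection = objConn
Set objRoot = GetObject("LDAP://RootDse")
objCmd.CommandText = "Select Name from 'LDAP://" & objRoot.Get("DefaultNamingContext") & _
   "' Where objectClass='computer' and OperatingSystem='*server*'"
objCmd.Properties("Page Size") = 1000
objCmd.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRS = objCmd.Execute
intStale = 0 : intFailed = 0
Do Until objRS.EOF
   strServer = objRS.Fields("Name").Value
   Set objWMI = Nothing
   On Error Resume Next            'error trapping only around the remote connection
   Set objWMI = GetObject("winmgmts:\\" & strServer & "\root\cimv2")
   If Err.Number <> 0 Then
      WScript.Echo strServer & ": UNREACHABLE (0x" & Hex(Err.Number) & ")"
      intFailed = intFailed + 1
      Err.Clear
   End If
   On Error GoTo 0
   If Not objWMI Is Nothing Then
      Set colNics = objWMI.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")
      For Each objNic In colNics
         If Not IsNull(objNic.DNSServerSearchOrder) Then
            For Each strIP In objNic.DNSServerSearchOrder
               For Each strOld In arrOld
                  If strIP = strOld Then
                     WScript.Echo strServer & ": STALE " & strIP & " on " & objNic.Description
                     intStale = intStale + 1
                  End If
               Next
            Next
         End If
      Next
   End If
   objRS.MoveNext
Loop
WScript.Echo "Stale entries: " & intStale & ", unreachable servers: " & intFailed
```

Run it with cscript so the output goes to the console instead of message boxes.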

05 May 2010

Remote scripting on Windows Server 2008

If you leave the Windows Firewall turned on on your Windows Server 2008 boxes, you cannot run scripts against them from a remote machine.
The Windows Firewall will block these attempts.

In a domain, the fastest way to allow remote script execution is to create a group policy.
Create a new GPO and drill down to:
Computer Configuration -> Policies -> Administrative Templates -> Network -> Network Connections -> Windows Firewall -> Domain Profile
Set "Windows Firewall: Allow inbound remote administration exception" to "Enabled"
and configure it with a specific IP address (if only one machine is allowed to do remote scripting) or a subnet (the subnet from which the remote scripts will be run).