Automating MS DNS Zone creation part 2

Wednesday, May 26, 2010

In the previous post I showed you how to create some PowerShell scripts intended to sync up a master and a secondary DNS server, specifically by creating any missing secondary zones. In this post, I'll clean up the functions and create the main script to keep things in sync.

For the sake of cleanliness, I decided to split everything up into separate reusable scripts, since I have a feeling I'm going to be reusing parts of them for various other things. Here are the new scripts and their contents.

###############################################################
# function:    	zone-exists	
# parameters:  	$zoneName   - the name of the zone to look for  
#              	$server     - the FQDN of the server to look  
#              	$username   - user account
#              	$password   - password	  
# returns:	true/false	
# Author: 	Daniel Kohler
# blog:	  	http://danielkohler.name
# Disclaimer:	use at your own risk author is not responsible
#		for any damage you may cause by using this
#		script
# Copyright(c) 2010 - Icon Technology Solutions, Inc.
############################################################### 
param([string]$zonename,[string]$server,[parameter(mandatory=$false)]$username,[parameter(mandatory=$false)]$password);
$return=$false;

if(($username -ne $null) -and ($password -ne $null)){

	$spwd=ConvertTo-SecureString $password -AsPlainText -Force
	$credential=New-Object System.Management.Automation.PSCredential $username, $spwd

	# WMI does its own remoting, so the credential goes straight to Get-WMIObject.
	# Enter-PSSession only starts an interactive session; inside a script the query
	# still ran from the local machine under the caller's own account.
	$c=Get-WMIObject -Class "MicrosoftDNS_Zone" -Namespace "root\MicrosoftDNS" -ComputerName $server -Credential $credential | where-object{$_.Name -eq $zonename}
	$return=$c -ne $null
}
else{
	# no credential supplied: query as the current user
	$c=Get-WMIObject -Class MicrosoftDNS_Zone -Namespace root\MicrosoftDNS -computername $server | where-object{$_.Name -eq $zonename}
	$return=$c -ne $null
}
return $return;


###############################################################
#  Function:	Get-Zones
#  Purpose:	Retrieves the zones of the type specified 
#		for a given server.
#  Parameters:	-server (required)	- the FQDN of the DNS 
#					server
#		-zonetype (required)	- the type of zone 
#					(0 -primary, 
#					1-secondary, etc) 
#		-username (optional)	- user account
#		-password (optional)	- password for user 
#					account	
#
# returns:	a collection of MicrosoftDNS_Zone records	
# Author: 	Daniel Kohler
# blog:	  	http://danielkohler.name
# Disclaimer:	use at your own risk author is not responsible
#		for any damage you may cause by using this
#		script
# Copyright(c) 2010 - Icon Technology Solutions, Inc.
###############################################################
param([string]$server,[int]$zonetype,[parameter(mandatory=$false)]$username=$null,[parameter(mandatory=$false)]$password=$null);
$return=$null;
if(($username -ne $null) -and ($password -ne $null)){
	$spwd=ConvertTo-SecureString $password -AsPlainText -Force
	$credential=New-Object System.Management.Automation.PSCredential $username, $spwd
	# pass the credential to WMI directly; no PowerShell remoting session is needed
	$return=Get-WMIObject -Class MicrosoftDNS_Zone -Namespace root\MicrosoftDNS -computername $server -Credential $credential | Where-Object{($_.ZoneType -eq $zoneType) -and ($_.Name -ne "TrustAnchors")}
}
else{
	# no credential supplied: query as the current user
	$return=Get-WMIObject -Class MicrosoftDNS_Zone -Namespace root\MicrosoftDNS -computername $server | Where-Object{($_.ZoneType -eq $zoneType) -and ($_.Name -ne "TrustAnchors")}
}
return $return;


###############################################################
# function:     new-secondary-zone.ps1
# parameters:  	$zoneName   - name of the zone to create  
#              	$masterIP   - delimited list of master ips  
#	       	$server     - server
#              	$username   - user account
#	       	$password   - user account password
# returns:	nothing			 	
# Author: 	Daniel Kohler
# blog:	  	http://danielkohler.name
# Disclaimer:	use at your own risk author is not responsible
#		for any damage you may cause by using this
#		script
# Copyright(c) 2010 - Icon Technology Solutions, Inc.
###############################################################
param([string]$zonename,[string]$masterIP,[string]$server,[parameter(mandatory=$false)]$username,[parameter(mandatory=$false)]$password);

# zone settings shared by both branches
$type=1;
$fileName=$zoneName+".dns";
$adminEmail="hostmaster@" +$zoneName;

if(($username -ne $null) -and ($password -ne $null)){

	$spwd=ConvertTo-SecureString $password -AsPlainText -Force
	$credential=New-Object System.Management.Automation.PSCredential $username, $spwd

	# The [WmiClass] cast connects as the current user, so fetch the class object
	# with Get-WMIObject -List, which accepts -Credential, and call CreateZone on it
	$zoneClass=Get-WMIObject -List -Class MicrosoftDNS_Zone -Namespace root\MicrosoftDNS -ComputerName $server -Credential $credential
	$zoneClass.CreateZone( `
		$zoneName, $type, $false, $fileName, `
		@($masterIP),$adminEmail)
}
else{
	# no credential supplied: create the zone as the current user
	([WmiClass]"\\$server\root\MicrosoftDNS:MicrosoftDNS_Zone").CreateZone( `
		$zoneName, $type, $false, $fileName, `
		@($masterIP),$adminEmail)
}
	
	



And the final script to sync everything up:

#########################################################################
#  Utility Script:  	This script will create secondary forward lookup
#			zones on the server specified when they do not 
#			exist.  It uses a primary DNS server to
#			determine which zones are missing
# Author: 	Daniel Kohler
# blog:	  	http://danielkohler.name
# Disclaimer:	use at your own risk author is not responsible
#		for any damage you may cause by using this
#		script
# Copyright(c) 2010 - Icon Technology Solutions, Inc.
#########################################################################

$userName="someuser@domain.com";
$password="someusers_password"; 
$primaryDNS=".";
$masterIP="10.10.10.10";
[array]$secondaryDNS="ns1.domain.com","ns1.domain.com";

$credential= .\new-credential.ps1 -username $userName -password $password
$zones=.\get-zones.ps1 -server $primaryDNS -zoneType 1

foreach($zone in $zones)
{
	foreach($server in $secondaryDNS)
	{
		#determine if the zone exists on the remote server
		$e=.\zone-exists.ps1 -zonename $zone.Name -server $server -username $username -password $password 
	
		if($e -ne $true)
		{
			#we need to create this zone on the secondary server
			.\new-secondary-zone.ps1 -zonename $zone.Name -masterIP $masterIP -server $server -username $username -password $password
		}
	}
}

All of these scripts can also be found on our forum site, http://forums.iconsolution.net/viewforum.php?f=11
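
The sync script above keeps the account password as a plaintext string and passes it on every script call. The following is an added example (not the author's code) of the same loop using a PSCredential saved once with Export-Clixml, which on Windows encrypts the password with DPAPI for the current user and machine. The function names, the `$credFile` path and the `ns2.domain.com` host are assumptions.

```powershell
# Added example, not the author's script. Assumed: the function names, $credFile,
# and the ns2.domain.com placeholder.
$primaryDNS   = "."                                  # local server, as in the post
$masterIP     = "10.10.10.10"
$secondaryDNS = "ns1.domain.com", "ns2.domain.com"   # placeholder names
$credFile     = Join-Path $env:LOCALAPPDATA "dns-sync-cred.xml"   # assumed path

function Get-SyncCredential([string]$Path) {
	# First run: prompt once and save. On Windows, Export-Clixml encrypts the
	# password with DPAPI, so only this user on this machine can read it back.
	if (-not (Test-Path $Path)) {
		Get-Credential | Export-Clixml -Path $Path
	}
	return Import-Clixml -Path $Path
}

function Get-WmiDnsZone([string]$Server, $Credential) {
	# Splat -Credential only when one is given: WMI rejects it for local queries
	$wmi = @{ Class = "MicrosoftDNS_Zone"; Namespace = "root\MicrosoftDNS"; ComputerName = $Server }
	if ($Credential) { $wmi.Credential = $Credential }
	return Get-WmiObject @wmi
}

function Sync-SecondaryZones {
	$cred = Get-SyncCredential $credFile
	# Same filter as get-zones.ps1 -zoneType 1 in the post
	$zones = Get-WmiDnsZone $primaryDNS $null |
		Where-Object { ($_.ZoneType -eq 1) -and ($_.Name -ne "TrustAnchors") }
	foreach ($server in $secondaryDNS) {
		# One zone query per secondary instead of one per zone
		$existing = @(Get-WmiDnsZone $server $cred | ForEach-Object { $_.Name })
		# Get-WmiObject -List returns the class object bound to $cred
		$zoneClass = Get-WmiObject -List -Class MicrosoftDNS_Zone `
			-Namespace root\MicrosoftDNS -ComputerName $server -Credential $cred
		foreach ($zone in $zones) {
			if ($existing -contains $zone.Name) { continue }
			$zoneClass.CreateZone($zone.Name, 1, $false, ($zone.Name + ".dns"),
				@($masterIP), ("hostmaster@" + $zone.Name)) | Out-Null
			Write-Output "created secondary zone $($zone.Name) on $server"
		}
	}
}

Sync-SecondaryZones
```

Run it once interactively as the account that will run the sync, so the credential file is created under that account's profile and can be decrypted by it later.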

Comments

jv said:

Unfortunately this won't work correctly in many cases.

The use of a remote session is unnecessary with WMI as it does its own remoting.
