Solved

Update Preferred DNS throughout Domain

Posted on 2008-10-01
43
837 Views
Last Modified: 2012-05-05
Have four DNS servers that are configured for TCP/IP.  About 6 months ago one of these servers for whatever reason, had an IP change.  Now throughout the domain, servers and workstation still maintain the incorrect DNS entry for this server, which is configured as the First preferred DNS entry.  

is there a way I can scan the network and determine all the DNS entries for the machines, most importantly servers.  And if there is a way to scan to verify whether the servers are updated correctly, we have about 300, is there a way to globally update all the servers?
0
Comment
Question by:mdmcq5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 21
  • 18
  • 4
43 Comments
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22617171
Probably you can update your dns servers address on all the workstations using group policy
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22617191
Computer Configuration / Administrative Templates / Network / DNS Client / Primary DNS Suffix Group Policy setting and apply the GP
0
 

Author Comment

by:mdmcq5
ID: 22617386
The problem with that is, it only allows for ONE DNS entry and there are FOUR
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22617535
the probably you can use the DHCP server for this...thats the correct way to do it..When the DHCP leases the ip address it adds the DNS entry also.

Do you have a DHCP server?
0
 

Author Comment

by:mdmcq5
ID: 22617803
yes, we have a DHCP server that has the up to date DNS info, but it doesn't appear to be pushing this info to the other servers
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22618088
you have to make sure that all the workstation get the ip address from the DHCP server
0
 

Author Comment

by:mdmcq5
ID: 22618345
well, the servers all have static IPs.  So they are manually configured w/the DNS information.  How can these entries be confirmed, as well as easily updated?
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22619005
Attached is a VBScript WMI snippet that reports what it intends to change, and with a minor comment removal in the middle query section it also fixes all the DNS servers up for all the servers in the target OU or CN group.
You will want to run this as an admin for that group of servers, probably Domain Admin.
It also requires WMI access.

After you modify the user parameters at the top to what you need, run it and it will tell you what it intends to do - for 300 servers this will be pretty damn verbose. I think it works, so if you have WMI access to your servers there should be no problem - this step is optional.
I'd do a test run first if i were you, just for my peace of mind.

Once you decide to uncomment the update line, this line will also report the status of the operation: 0 is a good thing.
I'd suggest turning off the verbose "changed to ... from" for the real run, as it will be easier to read just the status codes.

If you want to do a test run first the easiest way is to set pingno to 30 or something, and CTRL-C out of it if you don't like what's going on.

If you don't have WMI access on your servers (tisk) there's also a fairly simple way of doing it with RemoteIT.au3 (google) and netsh, but it's a lot easier said than done.

On with my WMI script:
It will loop all the "Computer" objects in the target OU that answer to ping, loop all their network cards and all their respective DNS entries looking for your old DNS number, as set by the user strings upstairs

It stores the DNS for a network card (NIC) in two arrays - each array initially contains your old data.
The newdns array will get the old DNS number replaced by the new DNS number.
If it makes a replace in the array, the script sets an update flag which will be reset for the next NIC, which is then checked by the update conditions.
The update sequence will request the change, and return the NIC description text and the update's status.
The script then shows the old array and the new array.
Else, the update logic announces there will be no update on that NIC and moves on.

If ping fails on the server, the script simply announces it as unreachable "network error"
'PLEASE NOTE THIS SCRIPT IS NEUTERED BY DEFAULT BY A COMMENTED EDIT LINE IN THE QUERY CODE SECTION
 
'user parameter: old DNS Server IP address
oldDNS="192.12.33.2"
 
'user parameter: new DNS Server IP address
newDNS="192.13.3.3"
 
'user parameter - domain path
'example:  LDAPPath="LDAP://OU=Domain Controllers,dc=mydomain,dc=com"
'example2: LDAPPath="LDAP://CN=Computers,dc=mydomain,dc=co,dc=uk"
LDAPPath="LDAP://OU=Domain Controllers,dc=mydomain,dc=co,dc=uk"
 
'user parameter - number of pings before considering a host to be dead - should probably be at least 2 in a production script, but this should work fine
pingno=1
 
On Error Resume Next
 
Set objOU = GetObject(LDAPPath)
objOU.Filter = Array("Computer")
 
For Each objComputer in objOU
strComputer = objComputer.CN
 
Wscript.Echo strComputer
 
Set objShell = CreateObject("WScript.Shell")
 
strCommand = "ping -n " & pingno & " " & strComputer
 
Return = objShell.Run(strCommand,0,True)
 
If Return = 0 Then
 
' =====================================================================
 
' Insert your query code here
 
' =====================================================================
 
On Error Resume Next
 
Set objWMIService = GetObject( _
    "winmgmts:\\" & strComputer & "\root\cimv2")
Set colNetCards = objWMIService.ExecQuery _
    ("Select * From Win32_NetworkAdapterConfiguration " _ 
        & "Where IPEnabled = True")
 
For Each objNetCard in colNetCards
 
WillUpdateDNS=false
description=objNetCard.Description
 
 if (not isnull(objNetCard.DNSServerSearchOrder)) then
	arroldDNS = objNetCard.DNSServerSearchOrder
        arrnewDNS = arroldDNS
	For i=0 to UBound(arroldDNS)		
		if (arroldDNS(i) = oldDNS) then
			arrnewDNS(i) = newDNS
			WillUpdateDNS=true
		end if
	Next
 
	if (WillUpdateDNS) then
'NEUTERED		WScript.echo "dns updating on " &description & " status: " & objNetCard.setDNSServerSearchOrder(arrnewDNS)
		WScript.Echo "Updated to"
		for each newdns in arrnewdns
			WScript.Echo newdns
		next
 
		WScript.Echo "from DNS"
		for each olddns in arrolddns
			WScript.Echo olddns
		next
   	else 
		wscript.echo  "dns not updating on " &description
  	end if
  end if   
Next
 
WScript.Echo String(60,"=")
 
' =====================================================================
 
' End Query code
 
' =====================================================================
 
 
Else
Wscript.StdOut.WriteLine vbTab & "NETWORK ERROR"
End If
Next

Open in new window

0
 
LVL 5

Expert Comment

by:sciphre
ID: 22619109
Note that the script assumes independent DNS settings on each server, and works very hard at that.
If you have a fixed set of 4 DNS servers across the board it gets a lot safer/faster/simpler by just updating with a hand-made arrnewDNS = Array("xxx.xxx.xx.xxx","yyy.yyy.yyy.yyy
,"zzz.zzz.zzz.zzz","aaa.aaa.aaa.aaa")

But I'm silly like that sometimes. If you're still on throw up a comment about it and i'll mod the script for you if needed, but you're rather limited in time.
0
 

Author Comment

by:mdmcq5
ID: 22619179
Does this WMI code produce an output file?
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22619194
No, it just dumps everything on the console.

Run it from a cmd shell with "cscript wmifile.vbs"
if you want an output file to analyze use "cscript wmifile.vbs > testrun.log"
0
 

Author Comment

by:mdmcq5
ID: 22619213
I created the snippet above and changed the OU values, etc. - ran as a VBS and got a pop up w/no data just an OK button.  What did I miss?
0
 

Author Comment

by:mdmcq5
ID: 22619230
canonical name of the OU I can do a test run is:
us.ad.united.com/US Servers/Corp Servers

so in this section:
'user parameter - domain path
'example:  LDAPPath="LDAP://OU=Domain Controllers,dc=mydomain,dc=com"
'example2: LDAPPath="LDAP://CN=Computers,dc=mydomain,dc=co,dc=uk"
LDAPPath="LDAP://OU=Domain Controllers,dc=mydomain,dc=co,dc=uk"

I put
LDAPPath="LDAP://OU=Corp Servers,dc=us.ad.united,dc=com"
Which I'm sure is COMPLETELY wrong
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22619289
This should be ok, assuming "corp servers" is of type OU, and the rest are subdomains - just split the domains with a dc for each :)

LDAPPath="LDAP://OU=Corp Servers,dc=us,dc=ad,dc=united,dc=com"

The reason you got a blank popup is that it wasn't finding the CN.
I neglected to mention the "run it in a command line with "cscript scriptfile.vbs" " thing initially, but don't miss that - or it will give you all the info in popups - a LOT of popups.
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22619309
Oops, i just re-read your full post.
Two OUs, and THEN dc=us
Apologies, it's getting horribly late here.

LDAPPath="LDAP://OU=Corp Servers,OU=US Servers,dc=us,dc=ad,dc=united,dc=com"
0
 

Author Comment

by:mdmcq5
ID: 22619664
ok, so I made the changes and ran from CMD, but I'm receiving pop up after pop up

One pop up said it performed the update; I thought it was supposed to produce output of what it would update before updating
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22619763
It doesn't actually update until you uncomment the neutered line, but the rest looks nearly the same
You are getting popups because you probably didnt call it with cscript in front of the file name
Im sorry but i need to call it a night
Clarify in 6 hrs unless someone finds you a solution quicker
0
 

Author Comment

by:mdmcq5
ID: 22619810
I didn't run the cmd with the csript - still playing around with it.  Have an output log that has a good majority of "NETWORK ERROR" entries.
0
 
LVL 5

Accepted Solution

by:
sciphre earned 500 total points
ID: 22622008
Let's see. Rollup of issues and changes.

The script must be run as an OU or Domain Admin from a command line (Start->Run->CMD), using the command
"cscript scriptfile.vbs"

This avoids the pop-ups, and puts all the messages in the console, where you could redirect them to a file if you wished, by using the command
"cscript scriptfile.vbs > logfile.log"
instead of the first one.

About the messages the old script generates:
It will tell you it has updated things when in fact it hasn't. That's what it WOULD update, if the line
'NEUTERED               WScript.echo "dns updating on " &description & " status: " & objNetCard.setDNSServerSearchOrder(arrnewDNS)
wasn't commented out.

I've cleaned up this behaviour in the new snippet and added a conditional clause using the user parameter DRYRUN. It now says exactly what it's doing.

Now, since you're getting lots of NETWORK ERROR entries it means that for some reason it's not pinging your servers. This means they're either down or firewalled to oblivion.
It also means that the OU lookup is going ok and you're looking at a list of servers.

While you could easily remove the ping check, the fact that you can't ping them means that you can't access them via WMI either, as windows automagically allows ping to go through if port 445 is open. Port 445 is required for WMI.
This problem may be due to you running the script from a station that's not on the administrative network, or to excessive security.

In order to access the servers via WMI you need to add the IP of the computer you're scanning from to the "Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile\Allow remote administrative access exception" entry on the GPO covering that OU, this should clear up both the ping issue and any WMI issues.
Note that if your servers are also configured as DCs, they will always apply the "Standard Profile", not the "Domain Profile" for the firewall.

'user parameter: old DNS Server IP address
oldDNS="192.12.3.2"
 
'user parameter: new DNS Server IP address
newDNS="192.13.3.3"
 
'user parameter - domain path
'example:  LDAPPath="LDAP://OU=Domain Controllers,dc=mydomain,dc=com"
'example2: LDAPPath="LDAP://CN=Computers,dc=mydomain,dc=co,dc=uk"
LDAPPath="LDAP://OU=Corp Servers,OU=US Servers,dc=us,dc=ad,dc=united,dc=com"
 
'user parameter - number of pings before considering a host to be dead - should probably be at least 2 in a production script, but this should work fine
pingno=1
 
'user parameter - TRUE:Run without changing anything, and be very verbose about changes. FALSE:the script replaces DNS servers on affected network cards, reports the card name and the exit code of the change operation.
DRYRUN=TRUE
 
On Error Resume Next
 
Set objOU = GetObject(LDAPPath)
objOU.Filter = Array("Computer")
 
For Each objComputer in objOU
strComputer = objComputer.CN
 
Set objShell = CreateObject("WScript.Shell")
 
strCommand = "ping -n " & pingno & " " & strComputer
 
Return = objShell.Run(strCommand,0,True)
 
If Return = 0 Then
 
' =====================================================================
 
' Insert your query code here
 
' =====================================================================
 
On Error Resume Next
 
Set objWMIService = GetObject( _
    "winmgmts:\\" & strComputer & "\root\cimv2")
Set colNetCards = objWMIService.ExecQuery _
    ("Select * From Win32_NetworkAdapterConfiguration " _ 
        & "Where IPEnabled = True")
 
For Each objNetCard in colNetCards
 
WillUpdateDNS=false
description=objNetCard.Description
 
 if (not isnull(objNetCard.DNSServerSearchOrder)) then
        arroldDNS = objNetCard.DNSServerSearchOrder
        arrnewDNS = arroldDNS
        For i=0 to UBound(arroldDNS)            
                if (arroldDNS(i) = oldDNS) then
                        arrnewDNS(i) = newDNS
                        WillUpdateDNS=true
                end if
        Next
 
        if (WillUpdateDNS) then
           if (not DRYRUN) then 
		WScript.echo "dns updating" & " status: " &strComputer &" "& objNetCard.setDNSServerSearchOrder(arrnewDNS) & " " & description
            else
                WScript.Echo "Would update DNS set"
                for i=0 to UBound(arrnewdns)
                        WScript.Echo "from DNS: " &arroldDNS(i) &" to: " &arrnewdns(i)
                next
	   end if
        else 
                wscript.echo  "dns update not needed on server " &strComputer &" NIC " &description
        end if
  end if   
Next
 
WScript.Echo String(60,"=")
 
' =====================================================================
 
' End Query code
 
' =====================================================================
 
 
Else
Wscript.StdOut.WriteLine vbTab & "NETWORK ERROR"
End If
Next

Open in new window

0
 
LVL 5

Expert Comment

by:sciphre
ID: 22622061
Here's a small script to check WMI functionality.
Taken from http://msdn.microsoft.com/en-us/library/aa394595(VS.85).aspx

It will show all IP addresses for all interfaces that have IP enabled on the target computer.
'the commented out strcomputer addresses the local host
'strComputer = "."
strComputer = "myserverhostname"
 
Set objWMIService = GetObject( _
    "winmgmts:\\" & strComputer & "\root\cimv2")
Set IPConfigSet = objWMIService.ExecQuery _
    ("Select IPAddress from Win32_NetworkAdapterConfiguration" _
        & " where IPEnabled=TRUE")
 
For Each IPConfig in IPConfigSet
    If Not IsNull(IPConfig.IPAddress) Then 
        For i=LBound(IPConfig.IPAddress) _
        to UBound(IPConfig.IPAddress)
            WScript.Echo IPConfig.IPAddress(i)
        Next
    End If
Next

Open in new window

0
 

Author Comment

by:mdmcq5
ID: 22623777
excellent! I'll work on this today and keep you posted.
0
 

Author Comment

by:mdmcq5
ID: 22625504
ok, so the second set of code you sent:
'user parameter: old DNS Server IP address
oldDNS="192.12.3.2"
 
'user parameter: new DNS Server IP address
newDNS="192.13.3.3"

When I run it, it is not outputting the name of the servers that needs changes, only the ones that don't. I think the code is fantastic, but can you change to include the name of the server with the output file?  For example, the output file has hundreds of entries that just have:
============================================================
Would update DNS set
from DNS: 10.1.9.9 to: 10.6.9.19
============================================================

but the ones that don't need a change say
============================================================
dns update not needed on server USPRODUCTION NIC HP NC7771 Gigabit Server Adapter
============================================================
0
 

Author Comment

by:mdmcq5
ID: 22625556
alright, I figured the &strComputer string out...

can you explain this in more detail?
If you have a fixed set of 4 DNS servers across the board it gets a lot safer/faster/simpler by just updating with a hand-made arrnewDNS = Array("xxx.xxx.xx.xxx","yyy.yyy.yyy.yyy
,"zzz.zzz.zzz.zzz","aaa.aaa.aaa.aaa")
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22625595
OOps, the initial version had the server name on top and I removed it to clean up the vertical clutter.
I've added it to the actual modify lines, and the ones that don't modify, but the dry run verbose doesn't show it.

Here, how's this:
'user parameter: old DNS Server IP address
oldDNS="192.12.3.2"
 
'user parameter: new DNS Server IP address
newDNS="192.13.3.3"
 
'user parameter - domain path
'example:  LDAPPath="LDAP://OU=Domain Controllers,dc=mydomain,dc=com"
'example2: LDAPPath="LDAP://CN=Computers,dc=mydomain,dc=co,dc=uk"
LDAPPath="LDAP://OU=Corp Servers,OU=US Servers,dc=us,dc=ad,dc=united,dc=com"
 
'user parameter - number of pings before considering a host to be dead - should probably be at least 2 in a production script, but this should work fine
pingno=1
 
'user parameter - TRUE:Run without changing anything, and be very verbose about changes. FALSE:the script replaces DNS servers on affected network cards, reports the card name and the exit code of the change operation.
DRYRUN=TRUE
 
On Error Resume Next
 
Set objOU = GetObject(LDAPPath)
objOU.Filter = Array("Computer")
 
For Each objComputer in objOU
strComputer = objComputer.CN
 
Set objShell = CreateObject("WScript.Shell")
 
strCommand = "ping -n " & pingno & " " & strComputer
 
Return = objShell.Run(strCommand,0,True)
 
If Return = 0 Then
 
' =====================================================================
 
' Insert your query code here
 
' =====================================================================
 
On Error Resume Next
 
Set objWMIService = GetObject( _
    "winmgmts:\\" & strComputer & "\root\cimv2")
Set colNetCards = objWMIService.ExecQuery _
    ("Select * From Win32_NetworkAdapterConfiguration " _ 
        & "Where IPEnabled = True")
 
For Each objNetCard in colNetCards
 
WillUpdateDNS=false
description=objNetCard.Description
 
 if (not isnull(objNetCard.DNSServerSearchOrder)) then
        arroldDNS = objNetCard.DNSServerSearchOrder
        arrnewDNS = arroldDNS
        For i=0 to UBound(arroldDNS)            
                if (arroldDNS(i) = oldDNS) then
                        arrnewDNS(i) = newDNS
                        WillUpdateDNS=true
                end if
        Next
 
        if (WillUpdateDNS) then
           if (not DRYRUN) then 
                WScript.echo "dns updating" & " status: " &strComputer &" "& objNetCard.setDNSServerSearchOrder(arrnewDNS) & " " & description
            else
                WScript.Echo "Would update DNS set for " &strComputer
                for i=0 to UBound(arrnewdns)
                        WScript.Echo "from DNS: " &arroldDNS(i) &" to: " &arrnewdns(i) 
                next
           end if
        else 
                wscript.echo  "dns update not needed on server " &strComputer &" NIC " &description
        end if
  end if   
Next
 
WScript.Echo String(60,"=")
 
' =====================================================================
 
' End Query code
 
' =====================================================================
 
 
Else
Wscript.StdOut.WriteLine vbTab & "NETWORK ERROR"
End If
Next

Open in new window

0
 
LVL 5

Expert Comment

by:sciphre
ID: 22625649
Well, if you look at my code, it picks up the target's DNS servers array from WMI, then loops through it and replaces matches to the old DNS one by one.

If you knew that none of the machines have specific, custom DNS needs you could completely skip this "edit" step and just replace the whole array directly, therefore sparing you an interrogation and a couple of loops.

Not worth the trouble in this phase - it would have been much simpler to code than the current solution, if done from the beginning.
0
 

Author Comment

by:mdmcq5
ID: 22625974
ok so I'm beginning to think all the servers are not listed in AD - how can I change the LDAP code to pull from a text file with all the server names?
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22626208
Well, you'd need to replace the LDAP object with an FSO object.
Using this as a quick reference: http://www.itworld.com/nl/win_this_wk/04282003/

Also note that the non-Domain servers may be Linux-based, in which case WMI simply won't work.
You'll need to do that via SSH, which is easy, but a different question.

Note that the servers.txt file needs to be in the same folder. The lines are CN or FQDN, i'd recommend fqdn if they're not on the same domain.

Also note that the last line in servers.txt is empty - not sure why this is important but it locks up otherwise.

Have a shot:
'user parameter: old DNS Server IP address
oldDNS="192.12.3.2"
 
'user parameter: new DNS Server IP address
newDNS="192.13.3.3"
 
'user parameter - domain path
'example:  LDAPPath="LDAP://OU=Domain Controllers,dc=mydomain,dc=com"
'example2: LDAPPath="LDAP://CN=Computers,dc=mydomain,dc=co,dc=uk"
'LDAPPath="LDAP://OU=Corp Servers,OU=US 'Servers,dc=us,dc=ad,dc=united,dc=com"
 
'user parameter - number of pings before considering a host to be dead - should probably be at least 2 in a production script, but this 
 
should work fine
pingno=1
 
'user parameter - TRUE:Run without changing anything, and be very verbose about changes. FALSE:the script replaces DNS servers on affected 
 
network cards, reports the card name and the exit code of the change operation.
DRYRUN=TRUE
 
On Error Resume Next
 
'Set objOU = GetObject(LDAPPath)
'objOU.Filter = Array("Computer")
 
'For Each objComputer in objOU
'strComputer = objComputer.CN
 
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTextFile = objFSO.OpenTextFile("servers.txt",1)
Do Until objTextFile.AtEndOfStream
strComputer = objTextFile.Readline
 
Set objShell = CreateObject("WScript.Shell")
 
strCommand = "ping -n " & pingno & " " & strComputer
 
Return = objShell.Run(strCommand,0,True)
 
If Return = 0 Then
 
' =====================================================================
 
' Insert your query code here
 
' =====================================================================
 
On Error Resume Next
 
Set objWMIService = GetObject( _
    "winmgmts:\\" & strComputer & "\root\cimv2")
Set colNetCards = objWMIService.ExecQuery _
    ("Select * From Win32_NetworkAdapterConfiguration " _ 
        & "Where IPEnabled = True")
 
For Each objNetCard in colNetCards
 
WillUpdateDNS=false
description=objNetCard.Description
 
 if (not isnull(objNetCard.DNSServerSearchOrder)) then
        arroldDNS = objNetCard.DNSServerSearchOrder
        arrnewDNS = arroldDNS
        For i=0 to UBound(arroldDNS)            
                if (arroldDNS(i) = oldDNS) then
                        arrnewDNS(i) = newDNS
                        WillUpdateDNS=true
                end if
        Next
 
        if (WillUpdateDNS) then
           if (not DRYRUN) then 
                WScript.echo "dns updating" & " status: " &strComputer &" "& objNetCard.setDNSServerSearchOrder(arrnewDNS) & " " & 
 
description
            else
                WScript.Echo "Would update DNS set for " &strComputer
                for i=0 to UBound(arrnewdns)
                        WScript.Echo "from DNS: " &arroldDNS(i) &" to: " &arrnewdns(i) 
                next
           end if
        else 
                wscript.echo  "dns update not needed on server " &strComputer &" NIC " &description
        end if
  end if   
Next
 
WScript.Echo String(60,"=")
 
' =====================================================================
 
' End Query code
 
' =====================================================================
 
 
Else
Wscript.StdOut.WriteLine vbTab & "NETWORK ERROR"
End If
Loop

Open in new window

servers.txt
0
 

Author Comment

by:mdmcq5
ID: 22626818
ok, I get his error when I try to run your updated script:
C:\dnscheck.vbs(14, 13) Microsoft VBScript compilation
 error: Expected end of statement
0
 
LVL 5

Assisted Solution

by:sciphre
sciphre earned 500 total points
ID: 22626875
EE appears to have messed up the line wrapping and exposed a couple of  previously commented lines.
Fully checked and fixed.
'user parameter: old DNS Server IP address
oldDNS="192.12.3.2"
 
'user parameter: new DNS Server IP address
newDNS="192.13.3.3"
 
'user parameter - domain path
'example:  LDAPPath="LDAP://OU=Domain Controllers,dc=mydomain,dc=com"
'example2: LDAPPath="LDAP://CN=Computers,dc=mydomain,dc=co,dc=uk"
'LDAPPath="LDAP://OU=Corp Servers,OU=US 'Servers,dc=us,dc=ad,dc=united,dc=com"
 
'user parameter - number of pings before considering a host to be dead - should probably be at least 2 in a production script, but this should work fine
pingno=1
 
'user parameter - TRUE:Run without changing anything, and be very verbose about changes. FALSE:the script replaces DNS servers on affected network cards, reports the card name and the exit code of the change operation.
DRYRUN=TRUE
 
On Error Resume Next
 
'Set objOU = GetObject(LDAPPath)
'objOU.Filter = Array("Computer")
 
'For Each objComputer in objOU
'strComputer = objComputer.CN
 
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTextFile = objFSO.OpenTextFile("servers.txt",1)
Do Until objTextFile.AtEndOfStream
strComputer = objTextFile.Readline
 
Set objShell = CreateObject("WScript.Shell")
 
strCommand = "ping -n " & pingno & " " & strComputer
 
Return = objShell.Run(strCommand,0,True)
 
If Return = 0 Then
 
' =====================================================================
 
' Insert your query code here
 
' =====================================================================
 
On Error Resume Next
 
Set objWMIService = GetObject( _
    "winmgmts:\\" & strComputer & "\root\cimv2")
Set colNetCards = objWMIService.ExecQuery _
    ("Select * From Win32_NetworkAdapterConfiguration " _ 
        & "Where IPEnabled = True")
 
For Each objNetCard in colNetCards
 
WillUpdateDNS=false
description=objNetCard.Description
 
 if (not isnull(objNetCard.DNSServerSearchOrder)) then
        arroldDNS = objNetCard.DNSServerSearchOrder
        arrnewDNS = arroldDNS
        For i=0 to UBound(arroldDNS)            
                if (arroldDNS(i) = oldDNS) then
                        arrnewDNS(i) = newDNS
                        WillUpdateDNS=true
                end if
        Next
 
        if (WillUpdateDNS) then
           if (not DRYRUN) then 
                WScript.echo "dns updating" & " status: " &strComputer &" "& objNetCard.setDNSServerSearchOrder(arrnewDNS) & " " &description
            else
                WScript.Echo "Would update DNS set for " &strComputer
                for i=0 to UBound(arrnewdns)
                        WScript.Echo "from DNS: " &arroldDNS(i) &" to: " &arrnewdns(i) 
                next
           end if
        else 
                wscript.echo  "dns update not needed on server " &strComputer &" NIC " &description
        end if
  end if   
Next
 
WScript.Echo String(60,"=")
 
' =====================================================================
 
' End Query code
 
' =====================================================================
 
 
Else
Wscript.StdOut.WriteLine vbTab & "NETWORK ERROR"
End If
Loop

Open in new window

0
 

Author Comment

by:mdmcq5
ID: 22627102
ok, so I started the script about 20 mins ago and it only has one line in an output file. I do have the extra line in servers.txt - what do you think it's doing? I have an output file that only has one line so far
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22627244
Well, to non-domain servers i guess you're bound to have issues with credentials and firewall, also some of them may not even be running windows.

The time out for WMI takes forever.

I don't believe i can help you much from here on - doing it on the domain is one thing, "in the wild" is another. You're unlikely to be able to edit them as one.

Sorry about not being able to fix all of the servers - I hope the ones on the domain went smooth enough.
0
 

Author Comment

by:mdmcq5
ID: 22627411
your coding has been wonderful.  the last code is still running and the output file size is increasing - so that's definitely a good sign...

thanks for the input
0
 

Author Closing Comment

by:mdmcq5
ID: 31502058
sciphre, outstanding input and direction! hope to run into you again!
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22627551
Thank you for having interesting problems :)
I'll keep monitoring this in case you have any more issues - but the off-domain servers have very low chances of working I'm afraid.
0
 

Author Comment

by:mdmcq5
ID: 22629175
sciphre, you may have already said but I'll ask again...
when it comes time to update the incorrect DNS entries, what's the quickest way, rather than one by one...
if you say there's an easy way, I'll post another question for you to answer
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22631112
I don't understand the question, but it sounds like you just need to disable DRYRUN mode and let the script fix everything.
If you meant for the off domain ones, i don't know a fast way.
You could make a small batch file that uses   netsh, but you would still need to log on remotely on each to run it, as you can't predict the management settings on them.
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22631446
I'll rephrase that:
-The last script that still uses LDAP is blazing fast and will update all your domain machines in a jiffy, as long as you've opened up WMI on them, which I gather you have. This is a solution i can stand behind and i'll help you through with it until it works.

-The server list script will often run into machines which have firewalls on them. The time out for this is huge and if there are any such machines in the list it will run dog slow. This is a solution i cannot support due to the inherent complexity of a non-domain environment.
- I may be able to amend the server list script into using alternate credentials for each server, but you'd still have firewall problems with it.

Offtopic:
The off-domain servers should really  have some sort of central mechanism for administration left on them by whoever managed them initially, but you'll need to figure out what it is or you will end up in the madhouse.
0
 

Author Comment

by:mdmcq5
ID: 22633387
understood - I'll disable the dryrun and keep you posted. thanks
0
 

Author Comment

by:mdmcq5
ID: 22653375
Wow! setting the DRYRUN to FALSE has absolutely no effect on the update.  I expected the servers to flicker or something but nothing. OUTSTANDING!
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22653403
Actually it changes the verbosity level a bit, makes it easier to read since you're already aware of what it's gonna do :)
I do hope it worked.
0
 

Author Comment

by:mdmcq5
ID: 22663005
sciphre,
I forgot...is there a way to edit the code to also update the WINS entries?
0
 
LVL 5

Expert Comment

by:sciphre
ID: 22664381
Should be trivial, but I can't do it today.
Here's a reference, it's pretty much search & replace, you should be able to figure it out.

http://msdn.microsoft.com/en-us/library/aa393624(VS.85).aspx

Changes:
- SetDNSSearchOrder becomes SetWINSServer
- Since SetDNSSearchOrder takes an Array as a parameter, and SetWINSServer takes two strings, you'll need two string variables instead of an array.
- On a similar note,  string WINSPrimaryServer,  string WINSSecondaryServer will show you the servers, this will also need some modification.

If you're not a programmer at all, I can probably help in some 20 hours. Would really appreciate it if you made a new question though - and if you're lucky someone else might get to it earlier, since the hard part is already done .
0
 

Author Comment

by:mdmcq5
ID: 22664838
I can't even pretend to be a programmer; I tried but just can't translate :)

here's a new question:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23795743.html
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question