?
Solved

Changing DNS

Posted on 2011-10-28
14
Medium Priority
?
302 Views
Last Modified: 2012-05-12
From the research I've done, I know that this is a limitation of what NIC settings can be controled via GPO. One of those challenges is changing the Primary and Secondary DNS servers.

We are a static IP assignment enviroment. What solutions if any (including 3rd party software) are available that would allow us to change the DNS servers automatically rather than having to manually touch each PC to change these settings?

Thanks,
Tim
0
Comment
Question by:tgarrity
  • 7
  • 3
  • 2
  • +2
14 Comments
 
LVL 3

Expert Comment

by:Getsum_Bloodlust
ID: 37048005
do you have a domain controller on your network. if so, might be worth implementing a DHCP server and creating reservations for each machine. Could be time consuming dependent on how many machines you have.
0
 
LVL 1

Author Comment

by:tgarrity
ID: 37048032
yes, the domain controllers are here on sight. Thanks for bringing up that point about DHCP. I haven't considered that yet.

0
 
LVL 18

Expert Comment

by:Rartemass
ID: 37048167
The DNS entries are in the registry here:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\NameServer

You can create a registry file with the changes and then deploy it to all computers via policy, logon script, batch job or various other methods.
Probably the best option is to make the changes on a single computer via the network options. Then in regedit go to the above key and export (right click on Parameters key and click export). Save this as a .reg file that can be deployed to every PC on the domain (excluding servers).
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 22

Assisted Solution

by:chakko
chakko earned 664 total points
ID: 37048961
Here is a vb script I made for another person to update TCP/IP settings.

You can adapt it for your need.  Just remove extra settings, or put what you need.

You can probably use a GPO to run it on machines.  You need to edit the popup messages for your purpose - remove them so the script does not pause for a repsonse.

It searches the adapters on the PC and pops up the name, the user selects which adaptor they want to change.  You can change the search so that it only changes the adapater you need to change (in case there are more than 1 in the PC).


strComputer = "."
 
Const DEFAULT = 0
Const ENABLED = 1
Const DISABLED = 2


arrDNSServerSearchOrder = Array("192.18.4.1", "192.18.18.8", "144.16.21.1", "144.12.12.1")
arrDNSDomainSuffixSearchOrder = Array("cre.dir.se.com", "s.dir.se.com", "w.dir.sa.com", "c.ta.com.se", "in.ea.com.au", "ext.d.do.com", "tea.com.sa", "corl.tea.c.sa", "t.com.sa")
strWINSPrimaryServer = "192.18.61.1"
strWINSSecondaryServer = "192.18.10.5"


Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set objWMIService2 = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set nics = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")

Set nics2 = objWMIService2.ExecQuery("Select * from Win32_NetworkAdapter")


For Each adaptr in nics2
     nicName = adaptr.NetConnectionID
     if Left(NicName ,1)<> "" Then
       Answer = MsgBox("Set this NIC adaptr?" & nicName ,4)
       if Answer = vbYes then
        MsgBox ("Configuring adaptr : " & nicName)
        For Each nic In nics
            if nic.MACAddress = adaptr.MacAddress then
              nic.SetDNSServerSearchOrder(arrDNSServerSearchOrder)      
              nic.SetWINSServer strWINSPrimaryServer, strWINSSecondaryServer
              nic.SetTCPIPNetBIOS(ENABLED)
              Set nicClass = objWMIService.Get(nic.Path_.class)
              nicClass.SetDNSSuffixSearchOrder(arrDNSDomainSuffixSearchOrder)
           end if
        Next
       end if
     end if
Next
0
 
LVL 1

Author Comment

by:tgarrity
ID: 37057584
Not too sure what's going on here but here's the problem.
I installed the DHCP role on our Windows 2008 R2 domain controller.
I defined the scope and set a reservation for just my IP (for testing purposes)
As soon as I release my static IP address on my PC using command prompt, I get an error message stating there is an IP conflict on the network.

This doesn't make sense A) we are a staic IP enviroment B) I created a reservation for my PC using the MAC address on my NIC

Any ideas?
0
 
LVL 18

Expert Comment

by:Rartemass
ID: 37066893
Remove the reservation on the server and set the PC to obtain IP automatically.
Ensure the scope of the DHCP server does not include the range of current static IP addresses.
For example if the highest IP address is 192.168.0.23, start the DHCP scope at 192.168.0.24.
This will avoid conflicts.
Then once your PC gets an IP from the server, you can reserve it again. This should avoid any conflicts.

Once that is done you can change each PC to dynamic IP one at a time. I'd reserve the IP on the server (in the above listed scope) then change the PC to dynamic.
Once all PCs are done you can extend the scope if you wish.
If you want to keep the existing IP addresses, then you should change all PCs to DHCP first, then set the scope on the server, then reserve the same IP from before.
Please let me know if I lost you with the above.
0
 
LVL 22

Expert Comment

by:chakko
ID: 37067518
In the DHCP service on DHCP Properties Advanced Tab, have you tried changing the Conflict Detection attempts to 1 or 2 ?
0
 
LVL 26

Accepted Solution

by:
Leon Fester earned 668 total points
ID: 37068611
You mention the reservation is booked on your MAC address, but is it booked on your IP address?
NOTE: Creating a reservation does not remove the possibilty that a hard coded IP addresses could clash on your network.

Run nslookup <<ip_address>> to check the DNS records for that workstation.
You can check the name of that server/workstation directly by doing the following.
1. Connect to the network, without the conflict.
2. Use the runas functionality to launch a command prompt as a domain admin.
(Keep down shift, and right-click Command Prompt and select "Run as different user" and enter your domain admin or remote admin credentials.)
3 When your command prompt opens type:
wmic /node:<<ip_address>> computersystem get name
- This should give you the computer name if you admin account has permissions on this workstation.
Similarly
wmic /node:<<ip_address>> computersystem get username
- Will return the username of the currently logged on user.
0
 
LVL 1

Author Comment

by:tgarrity
ID: 37085088
Rartemass:

Thank you for your reply, but this did not solve the problem.
Could it be that DHCP needs to be turned on our Cisco router or even on our HP ProCurve switch?
0
 
LVL 1

Author Comment

by:tgarrity
ID: 37085106
chakko:
Set to 2 attempts
0
 
LVL 18

Assisted Solution

by:Rartemass
Rartemass earned 668 total points
ID: 37091972
Could it be that DHCP needs to be turned on our Cisco router or even on our HP ProCurve switch?

You only want one server/device providing the IP address on a network. As long as the PCs can reach the device that is acting as a DHCP server, then it should obtain the address. As it appears you are getting an IP address from the server, this isn't the problem.

Have you searched for the conflict as dvt_localboy suggested?
0
 
LVL 1

Author Comment

by:tgarrity
ID: 37094282
I will do so and submit my findings. Thanks for the assistance.
0
 
LVL 1

Author Comment

by:tgarrity
ID: 37110718
Sorry, didnt get a chance to do this today. Will test tomorrow. Thanks
0
 
LVL 1

Author Closing Comment

by:tgarrity
ID: 37172923
Thank you!
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introducing Priority Question, our latest feature.
When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
Suggested Courses
Course of the Month13 days, 16 hours left to enroll

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question