Solved

Update DNS record for not Domain Computer

Posted on 2013-01-30
5
608 Views
Last Modified: 2013-03-12
Hello,
  Inventory:
       A - domain controller
       B - not Domain computer
       VPN software
     

Task
Run powershell.exe on B computer. Connect to Domain network and update DNS record with new IP of B computer.

How i am trying to do this.
    Using Powershell script converted to exe using PS2EXE
     user John added to DNSAdmins  group
     On DC created PowerShell Session Microsoft.Powershell and added John user to it with full permissions

Problem
     When i start powershell.exe script i receive this ERROR message:
"[DC.domain.com] Connecting to remote server failed with the following error message: The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination , most commonly IIS or WinRm. If the destination is the WinRM service , run the following command on the destination to analyze and configure the WinRM service: "winrm quick config"


winrm quickonfig is set on DC.domain.com

PowerShell Script
#Password for remote login
$password = ConvertTo-SecureString -AsPlainText "password" -Force
$credentials = new-object -TypeName System.Management.Automation.PSCredential -argumentlist "domain.com\John",$password

#VPN software location
$vpn = "C:\Program Files\ShrewSoft\VPN Client\"
Set-Location $vpn

#start VPN software
.\ipsecc.exe -r "vpn.pcf"

Start-Sleep -s 30

#Get IP address of the ShrewSoft VPN adapter
Get-WmiObject Win32_NetworkAdapterConfiguration| Where {$_.DNSDomain -eq “domain.com” -and $_.ServiceName -eq "vnet"} | select IPAddress > C:\info.txt
$adapter = Get-Content  -Path C:\info.txt | Select-Object -Last 1
$adapter = $adapter.Substring(0,15)
 
#new IP address
$ip = $adapter
$ip = $ip -replace "{", ""
$ip = $ip -replace "}", ""

#get hostname
$hostname = "$env:computername"

#DNS server info
$DNSServer = "DC.domain.com"
$DNSZone = "domain.com"
    
#Start PSSession to DNS server
New-PSSession -UseSSL -ComputerName $DNSServer -ConfigurationName Microsoft.Powershell -Credential $credentials
$session = Get-PSSession

#DNS record name
$recordName = $hostname 

#DNS record type
$recordType = "A" 

#IP from Shrew Soft VPN adapter to create a new DNS record
$recordAddress = $ip 
 
  # Now we execute DELETE command  
Invoke-Command -Session $session `
 {param($DNSServer,$DNSZone,$recordName,$recordType) dnscmd $DNSServer /RecordDelete $DNSZone $recordName $recordType /f}  -ArgumentList $DNSServer,$DNSZone,$recordName,$recordType
 
  # Now we execute ADD command 
Invoke-Command -Session $session `
 {param($DNSServer,$DNSZone,$recordName,$recordType,$recordAddress) dnscmd $DNSServer /RecordAdd $DNSZone $recordName $recordType $recordAddress}  -ArgumentList $DNSServer,$DNSZone,$recordName,$recordType,$recordAddress

#EXIT and REMOVE PSSession
Exit-PSSession 
Remove-PSSession $session

Open in new window


Question
Do I need to set more permissions to John user ?
Why this script does not work?
How can i make it work ?

Thanks,
  Tadas
0
Comment
Question by:thinkbot
  • 3
  • 2
5 Comments
 
LVL 39

Expert Comment

by:footech
ID: 38837704
Did you just run "winrm quickconfig" on the server or did you run "Enable-PSRemoting"?  They are different.
I don't use PS-Remoting with workgroup members, but I've read some about it.  I think you will want to modify the TrustedHosts list on the non-domain machine.  You may want to reference the following links:
http://blogs.msdn.com/b/wmi/archive/2009/07/24/powershell-remoting-between-two-workgroup-machines.aspx
http://blogs.technet.com/b/heyscriptingguy/archive/2012/07/24/an-introduction-to-powershell-remoting-part-two-configuring-powershell-remoting.aspx
0
 
LVL 39

Expert Comment

by:footech
ID: 38841718
Actually, thinking about this a bit more, the error message "The client cannot connect to the destination specified in the request" refers specifically to being able to contact the WinRM service on the machine.  You would see the error in the following circumstances:
 - firewall is blocking traffic (Windows Remote Management (HTTP-In) rule should be enabled)
 - WinRM service is not started
 - DNS info is incorrect (i.e. trying to reach the wrong IP) - are you querying a DNS server that has the right info?

Also, I'm not sure about the error when not set, but you must have a password set on the workgroup computer.

If the error was more about authentication, it would read something like, "The WinRM client cannot process the request."
0
 

Accepted Solution

by:
thinkbot earned 0 total points
ID: 38842714
Thank you for your help, but i decided to go with another solution. I added John user to domain administrator group and now i can update dns record using "get-wmiobject".  SO the code look like this now:
 #VPN software location
$vpn = "C:\Program Files\ShrewSoft\VPN Client\"
Set-Location $vpn

#start VPN software
.\ipsecc.exe -r "login.pcf"


#autologin
$password = ConvertTo-SecureString -AsPlainText "password" -Force
$credentials = new-object -TypeName System.Management.Automation.PSCredential -argumentlist "domain.com\John",$password


Start-Sleep -s 30

Get-WmiObject Win32_NetworkAdapterConfiguration| Where {$_.DNSDomain -eq “domain.com” -and $_.ServiceName -eq "vnet"} | select IPAddress > C:\info.txt
$adapter = Get-Content  -Path C:\info.txt | Select-Object -Last 1
$adapter = $adapter.Substring(0,15)
 
#new IP address
$ip = $adapter
$ip = $ip -replace "{", ""
$ip = $ip -replace "}", ""

#get hostname and add domain.com because the computer do not belong to domain controler group

$hostname = $env:computername + "domain.com"

#Get information
$dns = Get-WmiObject -ComputerName dc.domain.com -Namespace "root\MicrosoftDNS" -Class MicrosoftDNS_AType -Filter "OwnerName = '$hostname'" -Credential $credentials
#modify host dns record
$modifiedDNS = $dns.Modify($dns.TTL, $ip)

Open in new window


I convert this code to exe and now it is working :)

Thank you @footech for help and suggestions.
0
 
LVL 39

Expert Comment

by:footech
ID: 38904350
Glad you have a solution.  You can accept your own comment as the solution and close the question.  :)
0
 

Author Closing Comment

by:thinkbot
ID: 38976837
Solved
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
While working, an annoying popup showing below will come and we cannot cancel or close it form the screen. The error message will come again and again.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now