Solved

Update DNS record for not Domain Computer

Posted on 2013-01-30
5
645 Views
Last Modified: 2013-03-12
Hello,
  Inventory:
       A - domain controller
       B - not Domain computer
       VPN software
     

Task
Run powershell.exe on B computer. Connect to Domain network and update DNS record with new IP of B computer.

How i am trying to do this.
    Using Powershell script converted to exe using PS2EXE
     user John added to DNSAdmins  group
     On DC created PowerShell Session Microsoft.Powershell and added John user to it with full permissions

Problem
     When i start powershell.exe script i receive this ERROR message:
"[DC.domain.com] Connecting to remote server failed with the following error message: The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination , most commonly IIS or WinRm. If the destination is the WinRM service , run the following command on the destination to analyze and configure the WinRM service: "winrm quick config"


winrm quickonfig is set on DC.domain.com

PowerShell Script
#Password for remote login
$password = ConvertTo-SecureString -AsPlainText "password" -Force
$credentials = new-object -TypeName System.Management.Automation.PSCredential -argumentlist "domain.com\John",$password

#VPN software location
$vpn = "C:\Program Files\ShrewSoft\VPN Client\"
Set-Location $vpn

#start VPN software
.\ipsecc.exe -r "vpn.pcf"

Start-Sleep -s 30

#Get IP address of the ShrewSoft VPN adapter
Get-WmiObject Win32_NetworkAdapterConfiguration| Where {$_.DNSDomain -eq “domain.com” -and $_.ServiceName -eq "vnet"} | select IPAddress > C:\info.txt
$adapter = Get-Content  -Path C:\info.txt | Select-Object -Last 1
$adapter = $adapter.Substring(0,15)
 
#new IP address
$ip = $adapter
$ip = $ip -replace "{", ""
$ip = $ip -replace "}", ""

#get hostname
$hostname = "$env:computername"

#DNS server info
$DNSServer = "DC.domain.com"
$DNSZone = "domain.com"
    
#Start PSSession to DNS server
New-PSSession -UseSSL -ComputerName $DNSServer -ConfigurationName Microsoft.Powershell -Credential $credentials
$session = Get-PSSession

#DNS record name
$recordName = $hostname 

#DNS record type
$recordType = "A" 

#IP from Shrew Soft VPN adapter to create a new DNS record
$recordAddress = $ip 
 
  # Now we execute DELETE command  
Invoke-Command -Session $session `
 {param($DNSServer,$DNSZone,$recordName,$recordType) dnscmd $DNSServer /RecordDelete $DNSZone $recordName $recordType /f}  -ArgumentList $DNSServer,$DNSZone,$recordName,$recordType
 
  # Now we execute ADD command 
Invoke-Command -Session $session `
 {param($DNSServer,$DNSZone,$recordName,$recordType,$recordAddress) dnscmd $DNSServer /RecordAdd $DNSZone $recordName $recordType $recordAddress}  -ArgumentList $DNSServer,$DNSZone,$recordName,$recordType,$recordAddress

#EXIT and REMOVE PSSession
Exit-PSSession 
Remove-PSSession $session

Open in new window


Question
Do I need to set more permissions to John user ?
Why this script does not work?
How can i make it work ?

Thanks,
  Tadas
0
Comment
Question by:thinkbot
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 40

Expert Comment

by:footech
ID: 38837704
Did you just run "winrm quickconfig" on the server or did you run "Enable-PSRemoting"?  They are different.
I don't use PS-Remoting with workgroup members, but I've read some about it.  I think you will want to modify the TrustedHosts list on the non-domain machine.  You may want to reference the following links:
http://blogs.msdn.com/b/wmi/archive/2009/07/24/powershell-remoting-between-two-workgroup-machines.aspx
http://blogs.technet.com/b/heyscriptingguy/archive/2012/07/24/an-introduction-to-powershell-remoting-part-two-configuring-powershell-remoting.aspx
0
 
LVL 40

Expert Comment

by:footech
ID: 38841718
Actually, thinking about this a bit more, the error message "The client cannot connect to the destination specified in the request" refers specifically to being able to contact the WinRM service on the machine.  You would see the error in the following circumstances:
 - firewall is blocking traffic (Windows Remote Management (HTTP-In) rule should be enabled)
 - WinRM service is not started
 - DNS info is incorrect (i.e. trying to reach the wrong IP) - are you querying a DNS server that has the right info?

Also, I'm not sure about the error when not set, but you must have a password set on the workgroup computer.

If the error was more about authentication, it would read something like, "The WinRM client cannot process the request."
0
 

Accepted Solution

by:
thinkbot earned 0 total points
ID: 38842714
Thank you for your help, but i decided to go with another solution. I added John user to domain administrator group and now i can update dns record using "get-wmiobject".  SO the code look like this now:
 #VPN software location
$vpn = "C:\Program Files\ShrewSoft\VPN Client\"
Set-Location $vpn

#start VPN software
.\ipsecc.exe -r "login.pcf"


#autologin
$password = ConvertTo-SecureString -AsPlainText "password" -Force
$credentials = new-object -TypeName System.Management.Automation.PSCredential -argumentlist "domain.com\John",$password


Start-Sleep -s 30

Get-WmiObject Win32_NetworkAdapterConfiguration| Where {$_.DNSDomain -eq “domain.com” -and $_.ServiceName -eq "vnet"} | select IPAddress > C:\info.txt
$adapter = Get-Content  -Path C:\info.txt | Select-Object -Last 1
$adapter = $adapter.Substring(0,15)
 
#new IP address
$ip = $adapter
$ip = $ip -replace "{", ""
$ip = $ip -replace "}", ""

#get hostname and add domain.com because the computer do not belong to domain controler group

$hostname = $env:computername + "domain.com"

#Get information
$dns = Get-WmiObject -ComputerName dc.domain.com -Namespace "root\MicrosoftDNS" -Class MicrosoftDNS_AType -Filter "OwnerName = '$hostname'" -Credential $credentials
#modify host dns record
$modifiedDNS = $dns.Modify($dns.TTL, $ip)

Open in new window


I convert this code to exe and now it is working :)

Thank you @footech for help and suggestions.
0
 
LVL 40

Expert Comment

by:footech
ID: 38904350
Glad you have a solution.  You can accept your own comment as the solution and close the question.  :)
0
 

Author Closing Comment

by:thinkbot
ID: 38976837
Solved
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Scripting 4 37
COM server issue 2 29
Add server count in powershell 5 27
active directory 3 27
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question