• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 674
  • Last Modified:

Update DNS record for not Domain Computer

Hello,
  Inventory:
       A - domain controller
       B - not Domain computer
       VPN software
     

Task
Run powershell.exe on B computer. Connect to Domain network and update DNS record with new IP of B computer.

How i am trying to do this.
    Using Powershell script converted to exe using PS2EXE
     user John added to DNSAdmins  group
     On DC created PowerShell Session Microsoft.Powershell and added John user to it with full permissions

Problem
     When i start powershell.exe script i receive this ERROR message:
"[DC.domain.com] Connecting to remote server failed with the following error message: The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination , most commonly IIS or WinRm. If the destination is the WinRM service , run the following command on the destination to analyze and configure the WinRM service: "winrm quick config"


winrm quickonfig is set on DC.domain.com

PowerShell Script
#Password for remote login
$password = ConvertTo-SecureString -AsPlainText "password" -Force
$credentials = new-object -TypeName System.Management.Automation.PSCredential -argumentlist "domain.com\John",$password

#VPN software location
$vpn = "C:\Program Files\ShrewSoft\VPN Client\"
Set-Location $vpn

#start VPN software
.\ipsecc.exe -r "vpn.pcf"

Start-Sleep -s 30

#Get IP address of the ShrewSoft VPN adapter
Get-WmiObject Win32_NetworkAdapterConfiguration| Where {$_.DNSDomain -eq “domain.com” -and $_.ServiceName -eq "vnet"} | select IPAddress > C:\info.txt
$adapter = Get-Content  -Path C:\info.txt | Select-Object -Last 1
$adapter = $adapter.Substring(0,15)
 
#new IP address
$ip = $adapter
$ip = $ip -replace "{", ""
$ip = $ip -replace "}", ""

#get hostname
$hostname = "$env:computername"

#DNS server info
$DNSServer = "DC.domain.com"
$DNSZone = "domain.com"
    
#Start PSSession to DNS server
New-PSSession -UseSSL -ComputerName $DNSServer -ConfigurationName Microsoft.Powershell -Credential $credentials
$session = Get-PSSession

#DNS record name
$recordName = $hostname 

#DNS record type
$recordType = "A" 

#IP from Shrew Soft VPN adapter to create a new DNS record
$recordAddress = $ip 
 
  # Now we execute DELETE command  
Invoke-Command -Session $session `
 {param($DNSServer,$DNSZone,$recordName,$recordType) dnscmd $DNSServer /RecordDelete $DNSZone $recordName $recordType /f}  -ArgumentList $DNSServer,$DNSZone,$recordName,$recordType
 
  # Now we execute ADD command 
Invoke-Command -Session $session `
 {param($DNSServer,$DNSZone,$recordName,$recordType,$recordAddress) dnscmd $DNSServer /RecordAdd $DNSZone $recordName $recordType $recordAddress}  -ArgumentList $DNSServer,$DNSZone,$recordName,$recordType,$recordAddress

#EXIT and REMOVE PSSession
Exit-PSSession 
Remove-PSSession $session

Open in new window


Question
Do I need to set more permissions to John user ?
Why this script does not work?
How can i make it work ?

Thanks,
  Tadas
0
thinkbot
Asked:
thinkbot
  • 3
  • 2
1 Solution
 
footechCommented:
Did you just run "winrm quickconfig" on the server or did you run "Enable-PSRemoting"?  They are different.
I don't use PS-Remoting with workgroup members, but I've read some about it.  I think you will want to modify the TrustedHosts list on the non-domain machine.  You may want to reference the following links:
http://blogs.msdn.com/b/wmi/archive/2009/07/24/powershell-remoting-between-two-workgroup-machines.aspx
http://blogs.technet.com/b/heyscriptingguy/archive/2012/07/24/an-introduction-to-powershell-remoting-part-two-configuring-powershell-remoting.aspx
0
 
footechCommented:
Actually, thinking about this a bit more, the error message "The client cannot connect to the destination specified in the request" refers specifically to being able to contact the WinRM service on the machine.  You would see the error in the following circumstances:
 - firewall is blocking traffic (Windows Remote Management (HTTP-In) rule should be enabled)
 - WinRM service is not started
 - DNS info is incorrect (i.e. trying to reach the wrong IP) - are you querying a DNS server that has the right info?

Also, I'm not sure about the error when not set, but you must have a password set on the workgroup computer.

If the error was more about authentication, it would read something like, "The WinRM client cannot process the request."
0
 
thinkbotAuthor Commented:
Thank you for your help, but i decided to go with another solution. I added John user to domain administrator group and now i can update dns record using "get-wmiobject".  SO the code look like this now:
 #VPN software location
$vpn = "C:\Program Files\ShrewSoft\VPN Client\"
Set-Location $vpn

#start VPN software
.\ipsecc.exe -r "login.pcf"


#autologin
$password = ConvertTo-SecureString -AsPlainText "password" -Force
$credentials = new-object -TypeName System.Management.Automation.PSCredential -argumentlist "domain.com\John",$password


Start-Sleep -s 30

Get-WmiObject Win32_NetworkAdapterConfiguration| Where {$_.DNSDomain -eq “domain.com” -and $_.ServiceName -eq "vnet"} | select IPAddress > C:\info.txt
$adapter = Get-Content  -Path C:\info.txt | Select-Object -Last 1
$adapter = $adapter.Substring(0,15)
 
#new IP address
$ip = $adapter
$ip = $ip -replace "{", ""
$ip = $ip -replace "}", ""

#get hostname and add domain.com because the computer do not belong to domain controler group

$hostname = $env:computername + "domain.com"

#Get information
$dns = Get-WmiObject -ComputerName dc.domain.com -Namespace "root\MicrosoftDNS" -Class MicrosoftDNS_AType -Filter "OwnerName = '$hostname'" -Credential $credentials
#modify host dns record
$modifiedDNS = $dns.Modify($dns.TTL, $ip)

Open in new window


I convert this code to exe and now it is working :)

Thank you @footech for help and suggestions.
0
 
footechCommented:
Glad you have a solution.  You can accept your own comment as the solution and close the question.  :)
0
 
thinkbotAuthor Commented:
Solved
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now