Aug 08 2011
 

A while ago I created a simple script to create some DNS records using dnscmd.exe. This was because there were no DNS cmdlets for PowerShell available. Although it worked fine for me, I can imagine people would rather use PowerShell cmdlets.

Nowadays they are available for download yet pretty hard to find. I haven’t used them myself yet, but check it out yourself 🙂

http://dnsshell.codeplex.com/

As of version 0.4.4, the following cmdlets are available:

DNS Resolver

  • Get-Dns

WMI Wrappers

  • Clear-DnsCache
  • Get-DnsRecord
  • Get-DnsServer
  • Get-DnsZone
  • New-DnsRecord
  • New-DnsZone
  • Remove-DnsObject
  • Reset-DnsZoneType (no Get-Help)
  • Resume-DnsZone
  • Set-DnsRecord (no Get-Help)
  • Set-DnsServer (to be completed)
  • Set-DnsZone (to be completed)
  • Set-DnsZoneTransfer (no Get-Help)
  • Start-DnsScavenging
  • Start-DnsService
  • Stop-DnsService
  • Suspend-DnsZone
  • Update-DnsZone
  • Update-DnsZoneFile

Active Directory

  • Get-ADDnsPartition
  • Get-ADDnsRecord
  • Get-ADDnsZone
  • New-ADDnsRecord (to be completed)
  • New-ADDnsZone (to be completed)
  • Remove-ADDnsRecord (to be completed)
  • Remove-ADDnsZone (to be completed)
  • Set-ADDnsRecord (to be completed)
  • Set-ADDnsZone (to be completed)
Jul 15 2010
 

At my job site we have a very nice and cool lab environment. However, due to budget cuts we are currently not in a position to extend our lab. At the moment we have two uninterruptible power supplies (UPS), which would give the systems enough “juice” in case we have a power outage. However, these UPS systems don’t have a management interface card. The problem with that is that we are not able to communicate with the UPS to make sure that the servers are brought down nicely.

So we changed our system environment a bit. The Cisco switches are now connected to dirty power, so if we have a power outage, the switches would be gone immediately. If the switches fail, our servers will no longer be able to communicate with their default gateway. Within VMware this is known as isolation mode. VMware will bring its VMs down; however, our 3 physical servers (SQL 2008, vCenter and a DC) will have a problem. They are not brought down in such an event.

Therefore I wrote a little PowerShell script, which you can find below. Simply edit the time and other variables to suit your environment. With the current timers, the quickest shutdown will take place within 4 minutes, else it will take up to a maximum of 6 minutes. Note: make sure your UPS can hold out that long.

Although I do know that this is really a poor man's solution, I don’t think we have a better choice.

[code lang="ps"]
# Default gateway to monitor; losing it is treated as a possible power failure.
$Gateway = "10.75.36.254"

function checkStatus {
 $PingCount = 2
 if (!(Test-Connection $Gateway -Count $PingCount -ErrorAction SilentlyContinue)) {
  $Subject = "Network Lost"
  $LogLevel = "Warning"
  $Message = "Gateway didn't respond within a timely fashion"
  WriteEventLog
  Recheck
 }
}

function Recheck {
 $PingCount = 4
 # Recheck the gateway response with 4 pings.
 # Wait 180 seconds before continuing. This is to rule out a temporarily unplugged cable.
 Start-Sleep -Seconds 180
 if (Test-Connection $Gateway -Count $PingCount -ErrorAction SilentlyContinue) {
  $Subject = "Network connection restored"
  $LogLevel = "Information"
  $Message = "Gateway responded again. `nConnection restored."
  WriteEventLog
 }
 else {
  # If the gateway is still not responding, recheck once more after 60 seconds; otherwise shut down the Windows server.
  Start-Sleep -Seconds 60
  if (!(Test-Connection $Gateway -Count $PingCount -ErrorAction SilentlyContinue)) {
   shutdownSystem
  }
  else {
   $Subject = "Network connection restored"
   $LogLevel = "Information"
   $Message = "Gateway responded again. `nConnection restored"
   WriteEventLog
  }
 }
}

function shutdownSystem {
 $Subject = "Network Lost"
 $LogLevel = "Error"
 $Message = "System is going down since network is lost. Possibly due to a power failure `nPlease contact one of the System Administrators."
 WriteEventLog
 # Shutting down the computer will start right now.
 Stop-Computer -Force
}

function WriteEventLog {
 # Uses $Subject, $LogLevel and $Message as set by the calling function (PowerShell dynamic scoping).
 # $EventLog is used as the variable name because $Event is an automatic variable.
 $EventLog = New-Object System.Diagnostics.EventLog("System")
 $EventLog.Source = $Subject
 $InfoEvent = [System.Diagnostics.EventLogEntryType]::$LogLevel
 $EventLog.WriteEntry($Message, $InfoEvent, 65000)
}

$Counter = 1
do {
 # Loop forever: check the gateway every 120 seconds.
 Start-Sleep -Seconds 120
 checkStatus
}
while ($Counter -eq 1)

[/code]

May 03 2010
 

Since I’m currently busy with installing multiple ESX servers in our test environment, I needed to create about 32 DNS records. Well, since I’m lazy and I’ve really been loving PowerShell, I thought it would be a nice challenge to use PowerShell and of course the powerful DNScmd command. Since we have a logical IP plan, I could use the following script.

1..32 | % {iex ([string]::format("dnscmd /RecordAdd mylab.com ESXhost{0} /createPTR A 192.168.10.{0}",$_))}

Of course there are many other ways. For example, using a CSV file to import the DNS records.

For example:

Import-CSV c:\DNS.csv | foreach {dnscmd /RecordAdd $_.Zone $_.hostname /createPTR A $_.IPaddress}

However, keep in mind that PowerShell uses comma-separated files and not the semicolon-separated file which Excel automatically creates. So for example, use:

Hostname,IPaddress,Zone
ESX1,192.168.10.50,MyLab.com
ESX2,192.168.10.51,MyLab.com
ESX3,192.168.10.52,MyLab.com
ESX4,192.168.10.53,MyLab.com

Instead of:

Hostname;IPaddress;Zone
ESX1;192.168.10.50;MyLab.com
ESX2;192.168.10.51;MyLab.com
ESX3;192.168.10.52;MyLab.com
ESX4;192.168.10.53;MyLab.com
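
A validating version of the CSV import, added here as an example and not part of the original post: it loads either delimiter through Import-Csv's -Delimiter parameter, checks every row, and only prints the dnscmd commands unless $Apply is set, so a typo or stray value in the file does not turn into a DNS change. The function names, the zone allowlist, the temp file name and the sample rows are assumptions constructed for the illustration.

```powershell
# Added example, not from the original post. Sample rows are constructed.
$AllowedZones = @('mylab.com')                       # assumption: zones this script may change
$LabelPattern = '^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$'    # one DNS label, no leading/trailing hyphen
$Apply        = $false                               # $true runs dnscmd, $false only prints

function Read-DnsCsv {
    param([string]$Path)
    # Pick the delimiter from the header line so Excel's semicolon export loads too.
    $header = Get-Content -Path $Path -TotalCount 1
    $delimiter = if ($header -match ';') { ';' } else { ',' }
    Import-Csv -Path $Path -Delimiter $delimiter
}

function Test-DnsRow {
    param($Row)
    $ip = $null
    # Round-trip check rejects short or zero-padded forms such as "10.1" or "192.168.010.5".
    $ipOk = [System.Net.IPAddress]::TryParse([string]$Row.IPaddress, [ref]$ip) -and
            ($ip.AddressFamily -eq 'InterNetwork') -and
            ($ip.ToString() -eq $Row.IPaddress)
    $ipOk -and ($Row.Hostname -match $LabelPattern) -and
        ($AllowedZones -contains ([string]$Row.Zone).ToLower())
}

# Constructed sample file: one good row and three rows that must be skipped.
$sample = Join-Path ([System.IO.Path]::GetTempPath()) 'DNS-sample.csv'
@'
Hostname;IPaddress;Zone
ESX1;192.168.10.50;MyLab.com
ESX2;192.168.10.351;MyLab.com
ESX 3;192.168.10.52;MyLab.com
ESX4;192.168.10.53;other.example
'@ | Set-Content -Path $sample

foreach ($row in (Read-DnsCsv -Path $sample)) {
    if (-not (Test-DnsRow $row)) {
        Write-Warning "Skipped invalid row: $($row.Hostname), $($row.IPaddress), $($row.Zone)"
        continue
    }
    if ($Apply) {
        # Same command as in the post, with each validated field passed as its own argument.
        & dnscmd /RecordAdd $row.Zone $row.Hostname /createPTR A $row.IPaddress
    } else {
        Write-Output "dnscmd /RecordAdd $($row.Zone) $($row.Hostname) /createPTR A $($row.IPaddress)"
    }
}
```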

Apr 29 2010
 

Yesterday, I received a request to clear out a user attribute in Active Directory, specifically the ‘OtherTelephone’ attribute. Although I know you can do this with ldifde, I wanted to do this with PowerShell. And although I’m not a PowerShell Guru, I thought this would be a challenge.

Anyhow, before I could even start I needed to create some test accounts in my lab. For this I used the following script. It created 20 users for me.

1..20 | ForEach { New-QADUser -ParentContainer mylab.com/Test -Name ("Test" + $_)}

Then I had to set the OtherTelephone attribute. At first I did it manually, but what would be the fun of that? So I created another script and guess what? It worked. 🙂

get-QADuser -SearchRoot mylab.com/Test | foreach {Set-QADuser -identity $_.samaccountname -ObjectAttributes @{otherTelephone=('121312345')}}

And then to do my main objective, I needed to clear OtherTelephone out. The script below worked for me. I don’t know if this is the best solution, but it worked. 🙂 Note that it will search all nested OUs within the selected OU.

get-QADUser -SearchRoot mylab.com/Test | foreach {Set-QADUser -Identity $_.samaccountname -ObjectAttributes @{otherTelephone=@{Clear=@()}}}

The get-QADUser and other interesting AD related CMDlets are available from Quest. If you do a lot with AD, I really suggest you download those CMDlets. They are free of charge. 🙂