Configure non-integrated DNS zones with PowerShell

I’ve been looking at scripting the build of my Azure lab so that I can build it, use it for a purpose, then rip it down and start again. One of the scripts I’ve pulled together configures non-integrated DNS zones with PowerShell, both on a local server and on remote servers.
The script I’ve created assumes that the DNS role is installed on your servers and that PSRemoting is enabled on them. If you are unsure how to enable PSRemoting, please refer to my previous blog post: http://techielass.com/2017/02/run-powershell-commands-remote-computers.html
My NonIntegratedDNSInstall.ps1 script helps to install non-integrated DNS zones onto three servers: one acting as the primary and two acting as secondaries. Some information within the script needs to be configured before it is run, and the script asks for some input during execution.
Here is a breakdown of the script. This first section declares the inputs requested from the engineer running the script and holds the static list of non-integrated DNS zones that need to be created:

#This stage clears any error codes within the default error variable in Powershell
$error.clear()
#This stage looks for the server names and IP information from the engineer
$dns_srv1 = Read-Host -Prompt "Enter DNS Server Member 1"
$dns_srv2 = Read-Host -Prompt "Enter DNS Server Member 2"
$dns_srv3 = Read-Host -Prompt "Enter DNS Server Member 3"
$dns_ip1 = Read-Host -Prompt "Enter the IP address of DNS Server Member 1"
$dns_ip2 = Read-Host -Prompt "Enter the IP address of DNS Server Member 2"
$dns_ip3 = Read-Host -Prompt "Enter the IP address of DNS Server Member 3"
#Input DNS non-integrated zones to be created
$zones = "arbroath.com","dundee.com","glasgow.com","edinburgh.com","aberdeen.com","inverness.com","stirling.com"

 
The next section of the script declares the script block that will be run on the remote server(s) and collects the credentials for connecting to them:

#Declare script to be run on remote server
$scriptblock = {param($zones,$dns_ip1,$dns_srv2,$z,$dns_srv3) Add-DnsServerSecondaryZone -MasterServers $dns_ip1 -Name $z -ZoneFile $z".dns"}
#Collects Credentials to connect to the remote server
$username = Read-Host -Prompt "Enter the username for the account"
read-host -Prompt "enter password" -assecurestring | convertfrom-securestring | out-file C:\cred.txt
$password = get-content C:\cred.txt | convertto-securestring
$credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist "$username",$password

This line of PowerShell loops over the zone list and creates the primary copy of each non-integrated DNS zone on the first server:

#This stage creates the non integrated zones using the first server as the primary server
$zones | foreach-object {Add-DnsServerPrimaryZone -ComputerName $dns_srv1 -Name $_ -DynamicUpdate None -ZoneFile $_".dns"}

Now that the script has created the first copy of the zones, it creates the zone copies on the remote servers. The script checks whether a third server is being used and executes the commands accordingly.

#If dns_srv3 is populated do the following
If($dns_srv3)
{
    #This stage adds the second and third servers as name servers to the zones created above
    $zones | foreach-object {Add-DnsServerResourceRecord -Name $_ -NameServer $dns_srv2 -NS -ZoneName $_}
    $zones | foreach-object {Add-DnsServerResourceRecord -Name $_ -NameServer $dns_srv3 -NS -ZoneName $_}
    #Create remote session and create a copy of the zones on the secondary server
    $session = New-PSSession -ComputerName $dns_srv2 -Credential $credentials
    ForEach ($z in $zones)
    {Invoke-Command -Session $session -ScriptBlock $scriptblock -Arg @($zones,$dns_ip1,$dns_srv2,$z)}
    #Create remote session and create a copy of the zones on the third server
    $session2 = New-PSSession -ComputerName $dns_srv3 -Credential $credentials
    ForEach ($z in $zones)
    {Invoke-Command -Session $session2 -ScriptBlock $scriptblock -Arg @($zones,$dns_ip1,$dns_srv2,$z,$dns_srv3)}
    #Remove credential file
    Remove-Item C:\cred.txt
    #Close remote session to the second server
    Remove-PSSession $Session
    #Close remote session to the third server
    Remove-PSSession $Session2
    #This checks whether the script has run with errors or not and outputs accordingly
    If ($Error[0]) {
        Write-Host "The script has completed but has completed with errors, please investigate and re-run script." -BackgroundColor Black -ForegroundColor Red
    } Else {
        Write-Host "The script has completed successfully." -BackgroundColor Black -ForegroundColor Yellow
    }
}
else
{
    #If dns_srv3 is empty the script will do the following
    #This stage adds the second server as a name server to the zones created above
    $zones | foreach-object {Add-DnsServerResourceRecord -Name $_ -NameServer $dns_srv2 -NS -ZoneName $_}
    #Create remote session and create a copy of the zones on the secondary server
    $session = New-PSSession -ComputerName $dns_srv2 -Credential $credentials
    ForEach ($z in $zones)
    {Invoke-Command -Session $session -ScriptBlock $scriptblock -Arg @($zones,$dns_ip1,$dns_srv2,$z)}
    #Remove credential file
    Remove-Item C:\cred.txt
    #Close remote session
    Remove-PSSession $Session
    #This checks whether the script has run with errors or not and outputs accordingly
    If ($Error[0]) {
        Write-Host "The script has completed but has completed with errors, please investigate and re-run script." -BackgroundColor Black -ForegroundColor Red
    } Else {
        Write-Host "The script has completed successfully." -BackgroundColor Black -ForegroundColor Yellow
    }
}

 
Part of the script removes the file where the remote credentials are stored and closes the remote sessions that were created. An output is also displayed to show the user whether the script completed successfully or not.
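An alternative to the credential file and the manual cleanup described above, as an added example that is not part of the original NonIntegratedDNSInstall.ps1: Get-Credential keeps the password as an in-memory SecureString, so nothing is written to C:\cred.txt, and try/finally closes the remote sessions even when a zone fails to create. The server names, IP address and variable names are constructed for illustration.

```powershell
# Added example, not the original script. Constructed sample values below;
# replace them with the servers and zones of your own lab.
$primaryIp   = '10.0.0.4'
$secondaries = 'dns02', 'dns03'
$zones       = 'arbroath.com', 'dundee.com'

# Stop early if the primary address does not parse as an IP address,
# rather than passing unchecked input to the DNS cmdlets.
$parsed = $null
if (-not [System.Net.IPAddress]::TryParse($primaryIp, [ref]$parsed)) {
    throw "'$primaryIp' is not a valid IP address."
}

# Get-Credential returns a PSCredential directly. The password is held as a
# SecureString in memory, so there is no credential file to create or delete.
$credential = Get-Credential -Message 'Account with DNS admin rights on the secondary servers'

# Runs on each secondary: one secondary zone per name, pulled from the primary.
$createSecondary = {
    param($zoneNames, $masterIp)
    foreach ($name in $zoneNames) {
        Add-DnsServerSecondaryZone -Name $name -ZoneFile "$name.dns" `
            -MasterServers $masterIp -ErrorAction Stop
    }
}

$sessions = @()
try {
    foreach ($server in $secondaries) {
        $sessions += New-PSSession -ComputerName $server -Credential $credential -ErrorAction Stop
    }
    # $zones is passed as a single array argument, followed by the primary IP.
    Invoke-Command -Session $sessions -ScriptBlock $createSecondary `
        -ArgumentList $zones, $primaryIp -ErrorAction Stop
    Write-Host 'Secondary zones created.' -ForegroundColor Yellow
}
catch {
    Write-Warning "Secondary zone creation failed: $($_.Exception.Message)"
}
finally {
    # Runs on success and on failure, so no remote session is left open.
    if ($sessions) { Remove-PSSession -Session $sessions }
}
```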
Below is a demo of the script running with two servers:

The script can be downloaded from Microsoft’s TechNet Gallery here: https://gallery.technet.microsoft.com/Configure-non-integrated-ba157b59