DNS Server IP Address change in Client Systems through Group Policy

 

Scenario:

Recently our network team, restructure IP segments & it is recommended to change the IP address of our DNS server. It is an AD integrated DNS server & around 1000 desktops & laptops are in the network – all have static IP addresses. We need to change the DNS IP for all the systems.

Procedure:

We can change the DNS IP through Group Policy with the help of a simple *.bat file. We will apply the GPO in Startup as Computer base policy. But here tricky part is, we need run the batch file in "Run as Administrator" mode. Most of the Computer-based Startup GPO is not run in normal mode.

The batch file as below, suppose it name DNSIP_Change.bat  :  Replace your DNS Server “set dnsserver=X.X.X.X

@echo off

set dnsserver=10.10.10.31

set dnsserver2=10.10.10.30

for /f "tokens=1,2,3*" %%i in ('netsh interface show interface') do (

 if %%i EQU Enabled (

 rem echo change "%%l" : %dnsserver%

 netsh interface ipv4 set dnsserver name="%%l" static %dnsserver% both

 netsh interface ipv4 add dnsserver name="%%l" %dnsserver2% index=2

 )

)

 Creation of GPO :

1.    Create a GPO: "GPO_DNS Server IP Change

2.    Note its Unique ID for the GPO : {A013DF9D-E86D-4E15-ABA6-377F23485315}

Pix-01: GPO Unique ID (i.e. GUID)


3. Select the GPO : GPO_DNS Server IP Change > Edit > Computer Configuration > Policies > Windows Settings > Scripts (Startup/Shutdown) > Select Startup > Properties


Pix-02: Go to the "Startup" Properties

     4.  Click on “Show Files” > Note down the path > Browse the path &     copy the “DNSIP_Change.bat” into this location.

Pix-03: Path of "Startup" location

     5.  Now click on “Add” in Startup properties window > Browse the location of “DNSIP_Change.bat” > OK > Apply.

Pix-04: Startup Properties


Pix-05: Browse the batch file


 

Pix-06: DNSIP_Change.bat in Startup Properties window


Note:  if you check the way DNSIP_Change.bat showing in Startup Properties, is different other than if we browse the file from any other location. It'll be as below. This is the tricky part of this GPO to run the batch file "Run as Administrator".

Pix-07: Browse the file for Startup in a normal way

6.       Now link the GPO to intended Computer OU.

 


Link: https://www.wincert.net/windows-server/set-dns-servers-via-gpo-server-2012-r2/


Comments

  1. Javier MartinezThursday, November 25, 2021

    Hi, thank you.
    I also used a similar method with powershell to change DNS servers. this allow to update DNs servers IPs.

    https://itdungeon.blogspot.com/2021/11/update-dns-static-servers-in-your-local.html

    best regards!

    ReplyDelete

Post a Comment

Thank you.

Popular posts from this blog

Google Chrome Bookmark & Homepage through GPO

Image
Goals: We need to create a GPO for Google Chrome Bookmarks & home page/landing page. Under the bookmarks, few URLs would be there. It will be easy for users to access these url/site. Also by home page – most useful/frequently open site can be set, so that when user open Google chrome, the page will be displayed first. Gyan: All policy setting for Group Policy Management Console are not readily available. Sometime to manipulate group policy settings for higher version OS (i.e. Screensaver for Windows 10) or third party application (i.e. Google Chrome),we need to download group policy setting supported files – admx (policy settings) along with adml (language suppot). Both files are stored into central storage repository, known as “ Central Store ”. For higher Windows it is “ PolicyDefinitions” – automaticall created when a DC built under C:\Windows\ Process: Incorporate Chrome GPO templates:         1.       To manage Chrome settings through Group Policies, you
Read more

File Server Migration: Windows Server 2008R2 to Windows Server 2019

Image
  Scenario:   We have a File Server on Windows Server 2008R2 . The File Server has several departmental shares & it is accessed by the department user only. But among them few have RW (Read & Write) permission, rest have only R (Read) permission. Also every dept. share have disk quota & every authorized user has their shared folder mapped as a network drive in their Windows Explorer. In my environment, I have implemented the procedure for 15 different departmental share folders accessing different departments consist of 10-30 users each dept & each shared folder volume is 100 GB to 500GB. Challenges: 1 .       Migrated Share Folders must have the same level of permission as on W2008 Server. 2.        Several Disk quota templates need to export to new W2019 to minimized the effort.   Users should be transparent to this migration & their access to the shared folder must be flowless – that meant users
Read more