Windows Equivalent on dnsmasq in Appveyor - appveyor

What do you all recommend using as a replacement for dnsmasq on Windows on AppVeyor? Do you have any installation instructions for a replacement or an example job I can look at?

I believe it is pretty easy to script installation (using Install-WindowsFeature) and configuration of standard MS DNS and DHCP on Appveyor VM and configure them with PowerShell.
Here are useful PowerShell commands:
https://technet.microsoft.com/en-us/library/jj590751(v=wps.630).aspx
https://technet.microsoft.com/en-us/library/jj649850.aspx
Here is sample install section for Appveyor.yml:
install:
- ps: |
Install-WindowsFeature -Name DNS -IncludeManagementTools -WarningAction SilentlyContinue
Install-WindowsFeature -Name DHCP -IncludeManagementTools -WarningAction SilentlyContinue
Add-DnsServerPrimaryZone -Name foo.bar -ZoneFile foo.bar.dns
Add-DhcpServerv4Scope -Name TestScope -StartRange 192.168.1.100 -EndRange 192.168.1.110 -SubnetMask 255.255.255.0
$ip = (Get-NetIPAddress -AddressFamily IPv4 | Where-Object {$_.InterfaceAlias -like '*ethernet*'}).IPAddress
Set-DHCPServerv4OptionValue -DnsDomain foo.bar -DnsServer $ip
However, I am not sure I fully understand the scenario. What machines are going to be clients of those services? Appveyor build is being executed on the single VM, which is behind the NAT and it is not accessible from public Internet. Or it will be some pieces of your software who will connect to local machine’s DNS/DHCP server, acquire private IP and register some name?
Also please note that you can configure hosts file, which may be simpler solution for your problem.
Thank you,
Ilya.

Related

How to resolve latest DNS CName results via powershell

I am trying to resolve the latest DNS CName using the following powershell script. However due to the DNS server caching, I am getting the cached host name which is not the latest CName.
Is there anyway to avoid this and get the latest results? (as in digwebinterface.com)
Afterwards I am invoking a third party DNS management API, which will modify or create DNS CName mapping. For this I need the latest dns data.
#resolve the dns host name
$resolvedCName = Resolve-DnsName -Name $vanityHostName -DnsOnly -Type CNAME |
Select-Object -First 1 -Property Name,NameHost
write-host $resolvedCName.NameHost
This is not a PowerShell issue or error. Its an environment condition.
Why are you not just clearing the cache as part of what you are doing?
Are you saying, that the DnsClientCache cmdlets or Ipconfig -FlushDNS are not giving you what you are after?
The Clear-DnsClientCache cmdlet deletes all the contents of the DNS client cache. Running this cmdlet is equivalent to running ipconfig /flushdns.
Get-Command -Name Clear-DnsClientCache | Format-Table -AutoSize
<#
CommandType Name Version Source
----------- ---- ------- ------
Function Clear-DnsClientCache 1.0.0.0 DnsClient
#>
# get function / cmdlet details
Get-Command -Name Clear-DnsClientCache -Syntax
(Get-Command -Name Clear-DnsClientCache).Parameters.Keys
Get-help -Name Clear-DnsClientCache -Full
Get-help -Name Clear-DnsClientCache -Online
Get-help -Name Clear-DnsClientCache -Examples
ipconfig /?
<#
USAGE:
ipconfig [/allcompartments] [/? | /all |
/renew [adapter] | /release [adapter] |
/renew6 [adapter] | /release6 [adapter] |
/flushdns | /displaydns | /registerdns |
/showclassid adapter |
/setclassid adapter [classid] |
/showclassid6 adapter |
/setclassid6 adapter [classid] ]
where
adapter Connection name
(wildcard characters * and ? allowed, see examples)
Options:
...
/flushdns Purges the DNS Resolver cache.
/registerdns Refreshes all DHCP leases and re-registers DNS names
…
#>
Apologies for the late response, finally I decided to go with the DNS solution (Ansible Tower) API to get the CName for the hostname.
Powershell Resolve-DnsName -DnsOnly take some time to propagate the DNS. However my release pipeline expect the propagation to be done within few minutes. It's actually doing couple of changes to the host name.
The use of -DnsOnly switch will resolves the query using only the DNS protocol. Even this takes some time to resolve latest DNS results. Therefore I had to go with the API and it worked without any latency issues.
For recurring DNS testing that tou need to have change when the responsible nMe server changez the address, query the responsible namd server directly.
Clearing the client side cache will not effect Resolve-DNSName ] as it id an NSLookup equivalent and so queries the remote server directly instead of using the host's normal resolver mechanism.
So, you should locate the name servers for $VanityHostName uding a half dozen methods, such as arin or dnstoolbox, then specify the name servers for the site as the server in your query as below (4.2.2.2 is a placeholder for the address of the sites' s name server.)
#resolve the dns host name
$resolvedCName = Resolve-DnsName -Name $vanityHostName -DnsOnly -Type CNAME -Server '4.2.2.2' | Select-Object -First 1 -Property Name,NameHost
write-host $resolvedCName.NameHost

Azure: How to change idle timeout for Resource Manager managed VMs/IPs

I was surprised to find out that Azure enforces a slient TCP connection timeout, which is by default set to 4 mintues. I need to change this, as we're running long-running TCP connections and no communication should be sent to conserve power on embedded devices.
There are a couple of guides online (https://azure.microsoft.com/en-us/blog/new-configurable-idle-timeout-for-azure-load-balancer/), but they all cover cases where the VMs are provisioned using the Service manager (Classic). So changing this in Classic is not an issue, but we're already running the VMs provisioned via the Resource Manager.
After running:
Switch-AzureMode AzureResourceManager
Get-AzureVM -Name "MyVM" -ResourceGroup "MyGroup" | Get-AzurePublicIpAddress
I get the configuration printout for the IP, with IdleTimeoutInMinutes set at default 4.
Changing this using:
Get-AzureVM -Name "MyVM" -ResourceGroup "MyGroup" | Get-AzurePublicIpAddress | Set-AzurePublicIpAddress -IdleTimeoutInMinutes 29
fails with: A parameter cannot be found that matches parameter name `IdleTimeoutInMinutes`.
A guide or suggestion how to go forward will be appreciated. Should I remove the IP and create a new one? There surely is a better way.
Try this for the 1.x cmdlets:
$p = Get-AzureRmPublicIpAddress -Name MyIP -ResourceGroupName MyGroup
$p.IdleTimeoutInMinutes = 29
Set-AzureRmPublicIpAddress -PublicIpAddress $p
Or if you're on the older 0.9.x cmdlets:
Switch-AzureMode
$p = Get-AzurePublicIpAddress -Name MyIP -ResourceGroupName MyGroup
$p.IdleTimeoutInMinutes = 29
Set-AzurePublicIpAddress -PublicIpAddress $p

New-NetLbFoTeam: Unknown or Random InterfaceAlias names

I'm trying to automate the create of a NIC team during an unattended Windows Server 2012 R2 install.
I've got the following PowerShell code:
New-NetLbFoTeam -Name "LANTeam" -TeamMembers "Ethernet", "Ethernet 2" -TeamNicName "LAN" -TeamingMode SwitchIndependent -LoadBalancingAlgorithm TransportPorts -Confirm:$false -ErrorAction SilentlyContinue
That works well for my Dell servers, but the HP servers Windows randomly gives InterfaceAliases to. One install Ethernet 2 could be the Broadcom, the next it could be the NC373i card.
What I'm trying to accomplish is set the -TeamMembers parameter to be the two NICs that match "HP NC373i*" wildcard for the InterfaceDescription, or have a valid DHCP address. The other team I'll do something similar, but don't retrieve a valid IP address.
I've tried setting a hash table, but not getting it to stick in there correctly.
Any assistance would be greatly appreciated!
I was able to figure it out on my own. I output the get-netadapter output to a variable, and added that:
$adapters = Get-netAdapter –InterfaceDescription “HP NC*”
$nicList = #()
Foreach ($nic in $adapters) {$nicList += $nic.Name}
$team = New-NetLbfoTeam -Name “LANTeam” -TeamNicName “LAN” -TeamMembers ($nicList) -TeamingMode SwitchIndependent -LoadBalancingAlgorithm HyperVPort -Confirm:$false

Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

When I run
Get-WmiObject win32_SystemEnclosure -Computer hostname | select serialnumber
it works for both local and remote hosts.
When I do this for a list of hosts using
ForEach ($_ in gc u:\pub\list.txt) {
Get-WmiObject win32_SystemEnclosure -Computer $_ | select serialnumber | format-table -auto #{Label="Hostname"; Expression={$_}}, #{Label="Service Tag"; Expression={$_.serialnumber}}
}
it returns
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
Check that the "Windows Management Instrumentation (WMI-In)" rule is enabled in the firewall for each remote machine.
Or in an Administrative Command/Powershell prompt run:
netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
It might be due to various issues.I cant say which one is there in your case.
Below given reasons may be there:
DCOM is not enabled in host PC or target PC or on both.
Your Firewall or even your antivirus is preventing the access.
Any WMI related service is disabled.
Some WMI related services are as given:
Remote Access Auto Connection Manager
Remote Access Connection Manager
Remote Procedure Call (RPC)
Remote Procedure Call (RPC) Locator
Remote Registry
For DCOM setting refer:
Key: HKLM\Software\Microsoft\OLE, Value: EnableDCOM
The value should be set to 'Y' .
Your code probably isn't using a correct machine name, you should double check that.
Your error is:
Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
This is the result you get when a machine is not reachable. So the firewall suggestions are reasonable, but in this case probably not correct because you say this works:
Get-WmiObject win32_SystemEnclosure -Computer hostname
So in your case it seems when this line is executed:
Get-WmiObject win32_SystemEnclosure -Computer $_
$_ doesn't contain a proper computer name. You could check type and contents of $_. Probably there is a problem with the file contents. If the file looks right, then maybe the lines are not properly terminated. You can take a closer look using Write-Host:
ForEach ($_ in gc u:\pub\list.txt) {
Write-Host "Get-WmiObject win32_SystemEnclosure -Computer '$_'"
Get-WmiObject win32_SystemEnclosure -Computer $_ | select serialnumber | format-table -auto #{Label="Hostname"; Expression={$_}}, #{Label="Service Tag"; Expression={$_.serialnumber}}
}
I was having the same problem but only with a few machines. I found that using Invoke-Command to run the same command on the remote server worked.
So instead of:
Get-WmiObject win32_SystemEnclosure -ComputerName $hostname -Authentication Negotiate
Use this:
Invoke-Command -ComputerName $hostname -Authentication Negotiate -ScriptBlock {Get-WmiObject win32_SystemEnclosure}
If you've tried some of the suggestions in the other answers, most notably:
David Brabant's answer: confirming the Windows Management Instrumentation (WMI) inbound firewall rule is enabled
Abhi_Mishra's answer: confirming DCOM is enabled in the Registry
Then consider other common reasons for getting this error:
The remote machine is OFF
You specified an invalid computer name
There are network connectivity problems between you and the target computer
Solved.
I was running into the exact same error message when trying to execute the following script (partial) against a remote VM that was configured to be in the WORKGROUP.
Restart-Computer -ComputerName MyComputer -Authentication Default -Credential $cred -force
I noticed I could run the script from another VM in the same WORKGROUP when I disabled the firewall but still couldn't do it from a machine on the domain. Those two things along with Stackflow suggestions is what brought me to the following solution:
Note: Change these settings at your own risk. You should understand the security implications of these changes before applying them.
On the remote machine:
Make sure you re-enable your Firewall if you've disabled it during testing.
Run Enable-PSRemoting from PowerShell with success
Go into wf.msc (Windows Firewall with Advanced Security)
Confirm the Private/Public inbound 'Windows Management Instrumentation (DCOM-In)' rule is enabled AND make sure the 'Remote Address' property is 'Any' or something more secure.
Confirm the Private/Public inbound 'Windows Management Instrumentation (WMI-In)' rule is enabled AND make sure the 'Remote Address' property is 'Any' or something more secure.
Optional: You may also need to perform the following if you want to run commands like 'Enter-PSSession'.
Confirm the Private/Public inbound 'Windows Management
Instrumentation (ASync-In)' rule is enabled AND make sure the
'Remote Address' property is 'Any' or something more secure.
Open up an Inbound TCP port to 5985
IMPORTANT! - It's taking my remote VM about 2 minutes or so after it reboots to respond to the 'Enter-PSSession' command even though other networking services are starting up without problems. Give it a couple minutes and then try.
Side Note: Before I changed the 'Remote Address' property to 'Any', both of the rules were set to 'Local subnet'.
I found this blog post which suggested adding a firewall exception for "Remote Administration", and that worked for us on our Windows Server 2008 Enterprise systems.
http://mikefrobbins.com/2012/03/08/get-wmiobject-the-rpc-server-is-unavailable-exception-from-hresult-0x800706ba/
Enabling following FW rules on target system resolved the problem on Win2k16:
Windows Management Instrumentation (WMI-In)
Distribiuted Transaction Coordinator (RPC)
Distribiuted Transaction Coordinator (RPC-EPMAP)
I was having the same issue using foreach. I saved the list to $servers and used this which worked:
ForEach ($_ in $Servers) { Write-Host "Host $($_)" | Get-WmiObject win32_SystemEnclosure -Computer $_ | format-table -auto #{Label="Service Tag"; Expression={$_.serialnumber}}
}
Thought I would add that we also ran into this issue with multiple machines in our domain. I created a list of offending machines and added them all to a text file from which to run the script. I ran this from the CMD prompt using elevated privileges.
psexec #firewallFix.txt -d netsh advfirewall firewall
set rule name="Windows Management Instrumentation (WMI-In)"
profile=domain new enable=yes profile=domain
I had same issue, and for me, I was trying to use an IP Address instead of computer name.
Just adding this as one more potential solution for people finding this down the road.
I faced the similar issue on new server that I built through automated scripts via vcenter api. Looks like the "Remote Procedure Call (RPC)" service may not be running on the remote machine. you need to wait for the service to come up to use the Get-WmiObject command. Hence I simply put the script into sleep for sometime and it worked.
Below is the native PowerShell command for the most up-voted solution.
Instead of:
netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
Use could use the slightly simpler syntax of:
Enable-NetFirewallRule -DisplayGroup "Windows Management Instrumentation (WMI-In)"
Very odd but I used the IP address (vs the hostname) and it worked for me.
Get-WmiObject -Computername MyHostName ...
[Fails: Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)]
Get-WmiObject -Computername 50.50.50.50
[Successful]
I encountered the same "Exception from HRESULT: 0x800706BA" error with get-wmiobject -computerName remoteserverName -class win32_logicaldisk. The remote server is an AWS EC2 instance in my case. The Windows server firewall has WMI ports open. SecurityGroup attached to the EC2 instance has common RPC ports (tcp/udp 135-139, 49152 - 65535) inbound allowed.
I then ran netstat -a -b |findstr remoteServerName after kick off the get-wmiobject powershell command. Turns out the command was trying hit tcp port 6402 on the remote server! After added tcp 6402 into its Security Group inbound rule, get-wmiobject works perfectly! It appears the remote server has WMI set to a fixed port!
So if you checked all usual firewall rules and stil having problem with WMI, try use netstat to identify which port the command is actually trying to hit.
I thought I would add another thing to try. If someone has multiple domains you could try using fully qualified domain names: computer1.subdomain.domain.com
Port 135 will be used by RPC client- server communication.
So Make sure that port 135 is not blocked by your local firewall. It may be one of the reasons for not working.
Here's a link that could help you: https://www.dell.com/support/kbdoc/en-in/000179474/troubleshooting-rpc-server-unavailable-errors
Turning the firewall off resolved it for me.
I was doing this mistake
ForEach ($server in $servers) {
$OS = Get-WmiObject win32_operatingsystem -ComputerName $server
}
Which, of course, couldn't be passed, because output of the server in a csv file was #{Name=hv1g.contoso.com}
I had to call the property from csv file like this $server.Name
ForEach ($server in $servers) {
$OS = Get-WmiObject win32_operatingsystem -ComputerName $server.Name
}
It fixed my issue.
I just came to the exact same issue and found the answer here: http://powershellcommunity.org/Forums/tabid/54/aft/7537/Default.aspx
I had space characters at the end of each line the input file. If your file does too, just remove them and your script should work.

Find SCVMM Management Server within a VM Host/VM

Is it possible to locate a SCVMM Management server from within a Hyper-v host? Is this possible via powershell? I am trying to find which machine manages one of my Hyper-v hosts. I've had no luck searching through registry/wmi. Any ideas?
Thanks in advance!
Not sure about powershell, but I just had to do this today.
1) looked up the port config for scvmm. So far, 5985 looks like the one: Link
2) On your host, run netstat -ano |find "5985"
3) That should return a list scvmm management servers connected.
As far as I know, no. What you could do is to query all of your SCVMM servers and see which happens to know the guest.
Load up the VMM module and connect to your VMM.
# VM name, might or might not be hostname
$guestToLook = "myLostVM"
# A list of all of your VMM servers
$VMMServers = #("vmmsrv01", "vmmsrv02", "vmmsrv03")
$VMMServers | % {
# Connect to VMM server
Get-VMMServer $_
# Get a VM from the VMM host by guest name
$vm = Get-VM -name $myLostVM
# If VM object is returned, you got the VM from current VMM host.
if($vm.Name -eq $myLostVM) { "{0} is managed by VMM host: {1}" -f $vm.Name, $_}
}
Here's a solution via PowerShell.
First we need the registry path on the host for SCVMM config values.
$scvmmAgentKeys = 'HKLM:\SOFTWARE\Microsoft\Microsoft System Center Virtual Machine Manager Agent\Setup'
Now we grab the SCVMM agent port from the registry path.
$wsManTcpPort = (Get-ItemProperty -Path $scvmmAgentKeys -Name WSManTcpPort).WSManTcpPort
Finally, collect the addresses which are listening on that port.
$scvmmAddress = (Get-NetTCPConnection -LocalPort $wsManTcpPort).LocalAddress | Get-Unique | where { $_ -ne "::" }
Note that if anything else has a connection established on the same port (default port at time of writing is 5985) then $scvmmAddress will be an array including the addresses of those other established connections, which are not necessarily SCVMMs.
Fantastic . The only correction shall be
3. $scvmmAddress = (Get-NetTCPConnection -LocalPort $wsManTcpPort).**Remoteaddress** | Get-Unique | where { $_ -ne "::" }