Set primary and secondary DNS server addresses using ConfigMgr and PowerShell

Introduction

Just a very quick nugget, finishing up this year of IT.

We needed to change the configured DNS server addresses, on a good bunch of (non-domain joined) servers before heading into 2022. Per usual, I don’t like to do stuff manually, so I took the opportunity to write up a PowerShell script in order to assist us.

I figured this is something anybody might find useful, so I wanted to share the script I ended up creating.

For your convenience, I’m also illustrating how this can be used in combination with ConfigMgr, as this obviously was a requirement for automation purposes.

Happy New Year! 🙂

PowerShell

Find the script over at my GitHub page: PowerShell/Change-DNSServers.ps1 at master · imabdk/PowerShell (github.com)

  • Use the script how you see fit. Might need som tweaking to suit your needs. Remember to test thoroughly before using in production!

The use of the script is pretty straightforward. It’s created to accept parameters, so you don’t have to modify the content of the actual script on a need to need basis.

Changing the primary and secondary DNS server addresses, is done by running the script with the -primDNS and -secDNS parameters:

  • Change-DNSServers.ps1 -primDNS 8.8.8.8 -secDNS 8.8.4.4

If in need of resetting the DNS server addresses back to default, run the script like so, and set the -primDNS and -secDNS parameters to 0:

  • .\Change-DNSServers.ps1 -primDNS 0 -secDNS 0

Configuration Manager

Using the script with ConfigMgr is easy as well.

Create a package containing the .ps1 file, with a program running following command line:

  • powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File .\Change-DNSServers.ps1 -primDNS 8.8.8.8 -secDNS 8.8.4.4

Remember to let the program to run with administrative rights:

ENJOY 🙂

9 thoughts on “Set primary and secondary DNS server addresses using ConfigMgr and PowerShell”

    • In that case the script should be tailored differently. You could edit the script to loop through each NIC or to target a specific NIC. I didn’t have that requirement though. See the script as inspiration instead 🙂

      Reply
  1. Firstly, without AD, how are these non domain joined machines getting being advertised in config manager? Network Discovery? Not great. That also means there’s a highly privileged account running on those machines without control. Not great. In any case, you don’t mention why you’re in this situation, or even how to get in this situation. Some context and detail of how you’d have a non domain joined machine managed by config manager would be useful. Lastly, Google DNS? This isn’t 2001. You should be using protected DNS services like Quad9.

    Reply
    • I appreciate your feedback, but no, you’re mistaken. Not network discovery. Non-domain joined servers can be managed just fine without an AD and without network discovery. I believe the servers in question are born with ConfigMgr, as in they have been PXE booted into this state. Explaining the context is irrelevant in this case, and could compromise sensitive details about the environment. Google DNS was just an example, I’m not disclosing what provider (free or paid) we switched to. 🙂

      Reply
  2. Thanks for this Martin. Do you know how I could execute this script in Intune (difference being Custom scripts in Intune doesn’t have a command line field like Config Mgr does)?

    Reply
  3. Anyone know how I could invoke this script into Intune? Without the command line entry like you get in ConfigManager, I can’t see a clear way.

    Reply

Leave a Reply to Martin Bengtsson Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.