rsteenwyk · March 15, 2018 01:40
diff --git a/check-dns-servers.ps1 b/check-dns-servers.ps1
 #Take in the string environment variable Puppet sets for us, remove [ and ], whitespace and split on ,
 [array]$dnsarray = $env:dnsservers -replace '[][]','' -replace '\s',''  -split ','

 #We need to search registry for the connection name - prior to 2012 there is no WMI class with this info. 
 $Searchpath = Get-ChildItem HKLM:\SYSTEM\CurrentControlSet\Control\Network\ -Recurse
 $NetworkReg = $Searchpath | ForEach-Object { Get-ItemProperty $_.pspath} | Where-Object {$_.Name -eq $env:ifname}

 #Correlete adapter to connection name with PnpInstanceID, then AdapterConfiguration with the adapter interfaceindex.
 $Adapter = Get-WmiObject -Class Win32_NetworkAdapter | Where-Object {$_.PNPDeviceID -eq $NetworkReg.PnpInstanceID}
 $AdapterConfig = Get-WmiObject -Class win32_networkadapterconfiguration -Filter "ipenabled = 'true'" -ComputerName localhost | Where-Object {$_.InterfaceIndex -eq $Adapter.InterfaceIndex }

 $StrCurrentDNS = $AdapterConfig.DNSServerSearchOrder | Out-String
 $StrPuppetDNS = $dnsarray | Out-String

 #If strings match, we exit with a failure code, as we do not want the set command to run.
 if ($StrCurrentDNS -eq $StrPuppetDNS) {
    Exit 1
 }
 #If strings do not match, we should exit success and have the set command run.
 else {
    Exit 0
 }
diff --git a/dnsclient.pp b/dnsclient.pp
 #Manages DNS servers per NIC. 
 #If you set $validate to false, it will not fail to apply if it cannot reach the DNS server.

 class network_win::dnsclient (
  String[1] $interfacename = 'Prod',
  Enum['IPv4', 'IPv6'] $ipfamily = 'IPv4',
  Array[Stdlib::Compat::IP_Address] $dnsservers = ['8.8.8.8','8.8.4.4'],
  Boolean $validate = true,
 ) {

  if $facts['kernelmajversion'] >= '6.2' {

      dsc_xdnsserveraddress
        {'dns_servers':
          dsc_interfacealias => $interfacename,
          dsc_addressfamily  => $ipfamily,
          dsc_address        => $dnsservers,
          dsc_validate       => $validate,
        }
  }

  else {
      exec { 'Set DNS Servers':
        command     => file('network_win/set-dns-servers.ps1'),
        onlyif      => file('network_win/check-dns-servers.ps1'),
        environment => [ "dnsservers=$dnsservers", "ifname=$interfacename" ],
        provider    => powershell,
      }
  }
 }
diff --git a/set-dns-servers.ps1 b/set-dns-servers.ps1
 #Take in the string environment variable Puppet sets for us, remove [ and ], whitespace and split on , .
 [array]$dnsarray = $env:dnsservers -replace '[][]','' -replace '\s',''  -split ','

 #We need to search registry for the connection name - prior to 2012 there is no WMI class with this info. 
 $Searchpath = Get-ChildItem HKLM:\SYSTEM\CurrentControlSet\Control\Network\ -Recurse
 $NetworkReg = $Searchpath | ForEach-Object { Get-ItemProperty $_.pspath} | Where-Object {$_.Name -eq $env:ifname}
 if ($NetworkReg -eq $null) {
    Write-Error -Message "Could not find interface name: $env:ifname in registry"
    Exit 1
 }
 Else {
    #Correlete adapter to connection name with PnpInstanceID, then AdapterConfiguration with the adapter interfaceindex.
    $Adapter = Get-WmiObject -Class Win32_NetworkAdapter | Where-Object {$_.PNPDeviceID -eq $NetworkReg.PnpInstanceID}
    $AdapterConfig = Get-WmiObject -Class win32_networkadapterconfiguration -Filter "ipenabled = 'true'" -ComputerName localhost | Where-Object {$_.InterfaceIndex -eq $Adapter.InterfaceIndex }
    $SetResult = $AdapterConfig.SetDNSServerSearchOrder($dnsarray)
    
    #If this evaluates true, our intended DNS servers were set correctly.
    if ($SetResult.ReturnValue -eq '0') {
        Exit 0
    }
    else {
        Exit 1
    }

 }
	#Take in the string environment variable Puppet sets for us, remove [ and ], whitespace and split on ,
	[array]$dnsarray = $env:dnsservers -replace '[][]','' -replace '\s','' -split ','

	#We need to search registry for the connection name - prior to 2012 there is no WMI class with this info.
	$Searchpath = Get-ChildItem HKLM:\SYSTEM\CurrentControlSet\Control\Network\ -Recurse
	$NetworkReg = $Searchpath \| ForEach-Object { Get-ItemProperty $_.pspath} \| Where-Object {$_.Name -eq $env:ifname}

	#Correlete adapter to connection name with PnpInstanceID, then AdapterConfiguration with the adapter interfaceindex.
	$Adapter = Get-WmiObject -Class Win32_NetworkAdapter \| Where-Object {$_.PNPDeviceID -eq $NetworkReg.PnpInstanceID}
	$AdapterConfig = Get-WmiObject -Class win32_networkadapterconfiguration -Filter "ipenabled = 'true'" -ComputerName localhost \| Where-Object {$_.InterfaceIndex -eq $Adapter.InterfaceIndex }

	$StrCurrentDNS = $AdapterConfig.DNSServerSearchOrder \| Out-String
	$StrPuppetDNS = $dnsarray \| Out-String

	#If strings match, we exit with a failure code, as we do not want the set command to run.
	if ($StrCurrentDNS -eq $StrPuppetDNS) {
	Exit 1
	}
	#If strings do not match, we should exit success and have the set command run.
	else {
	Exit 0
	}
	#Manages DNS servers per NIC.
	#If you set $validate to false, it will not fail to apply if it cannot reach the DNS server.

	class network_win::dnsclient (
	String[1] $interfacename = 'Prod',
	Enum['IPv4', 'IPv6'] $ipfamily = 'IPv4',
	Array[Stdlib::Compat::IP_Address] $dnsservers = ['8.8.8.8','8.8.4.4'],
	Boolean $validate = true,
	) {

	if $facts['kernelmajversion'] >= '6.2' {

	dsc_xdnsserveraddress
	{'dns_servers':
	dsc_interfacealias => $interfacename,
	dsc_addressfamily => $ipfamily,
	dsc_address => $dnsservers,
	dsc_validate => $validate,
	}
	}

	else {
	exec { 'Set DNS Servers':
	command => file('network_win/set-dns-servers.ps1'),
	onlyif => file('network_win/check-dns-servers.ps1'),
	environment => [ "dnsservers=$dnsservers", "ifname=$interfacename" ],
	provider => powershell,
	}
	}
	}