PowerShell to Replicate UDM-Pro DNS Records to Windows DNS Server

 Hello Friends... Thought some of you might find value in this... The following script will SSH to your UDM-Pro, export the DNS data, and parse the data to add host and PTR records in Windows DNS. The script removes any outdated/duplicate records before adding the new record.

Please note you will need the Posh-SSH module installed and SSH enabled on your UDM-Pro.

# Define variables
$UDMProHost = "UDMPro_IP"
$UDMProUsername = "UDMPro_Username"
$UDMProPassword = "UDMPro_Password"
$WindowsDNSServer = "Windows_DNS_IP"
$WindowsDNSZone = "yourdomain.local"
$WindowsDNSReverseZone = "0.168.192.in-addr.arpa"

# Connect to UDM-Pro using SSH
$UDMProCreds = New-Object System.Management.Automation.PSCredential ($UDMProUsername, ($UDMProPassword | ConvertTo-SecureString -AsPlainText -Force))
$UDMProSession = New-SSHSession -ComputerName $UDMProHost -Credential $UDMProCreds

# Export UDM-Pro DNS data
$UDMProDNSExport = Invoke-SSHCommand -SSHSession $UDMProSession -Command "cat /etc/hosts"

# Disconnect SSH session
Remove-SSHSession -SSHSession $UDMProSession

# Parse exported DNS data
$DNSRecords = $UDMProDNSExport.Output -split "`n" | Where-Object {$_ -match "^(\d{1,3}\.){3}\d{1,3}"}

# Create DNS records on Windows DNS server
foreach ($record in $DNSRecords) {
    $recordArray = $record -split "\s+"
    $ipAddress = $recordArray[0]
    $hostname = $recordArray[1]

    # Remove existing DNS records with the same hostname
    $existingRecordA = Get-DnsServerResourceRecord -ComputerName $WindowsDNSServer -ZoneName $WindowsDNSZone -RRType A -Name $hostname -ErrorAction SilentlyContinue
    if ($existingRecordA) {
        Remove-DnsServerResourceRecord -ComputerName $WindowsDNSServer -ZoneName $WindowsDNSZone -InputObject $existingRecordA -Force
    }

    # Add DNS A record to Windows DNS server
    Add-DnsServerResourceRecordA -ComputerName $WindowsDNSServer -ZoneName $WindowsDNSZone -Name $hostname -IPv4Address $ipAddress -AllowUpdateAny

    # Remove existing PTR records with the same IP address
    $ptrName = (($ipAddress.Split(".") | Select-Object -Last 1) -join ".") + "." + $WindowsDNSReverseZone
    $existingRecordPTR = Get-DnsServerResourceRecord -ComputerName $WindowsDNSServer -ZoneName $WindowsDNSReverseZone -RRType PTR -Name $ptrName -ErrorAction SilentlyContinue
    if ($existingRecordPTR) {
        Remove-DnsServerResourceRecord -ComputerName $WindowsDNSServer -ZoneName $WindowsDNSReverseZone -InputObject $existingRecordPTR -Force
    }

    # Add DNS PTR record to Windows DNS server
    Add-DnsServerResourceRecordPtr -ComputerName $WindowsDNSServer -ZoneName $WindowsDNSReverseZone -Name $ptrName -PtrDomainName "$hostname.$WindowsDNSZone" -AllowUpdateAny
}

Comments

Post a Comment

Popular posts from this blog

Unveiling the Power of PowerShell Regions: A Comprehensive Guide

 Introduction PowerShell has gained widespread popularity as a powerful task automation and configuration management framework. As your PowerShell scripts grow in size and complexity, it's essential to maintain readability and organization. One often under-utilized feature of PowerShell that can significantly improve code readability is the use of 'regions'. In this blog post, we will delve into the concept of regions in PowerShell, exploring their applications, benefits, and how you can make the most of them in your scripts. What are PowerShell Regions? PowerShell regions are collapsible sections of code, demarcated by special comments, that allow you to group and organize related code snippets. The primary purpose of regions is to improve the readability of your scripts by allowing you to fold or collapse sections of code that are not actively being worked on. These regions can be expanded or collapsed using the 'Expand-Collapse' functionality available in most mo...
Read more

PowerShell Script to Remotely Update Firmware on Brother Printers Microsoft

While this does not work for all models or configurations of Brother printers, it can be a lifesaver so I thought I would share: # Set your printer's IP address and model number $PrinterIP = "192.168.1.100" $PrinterModel = "HL-L8360CDW" # Define the URL for the firmware download page $FirmwareURL = "https://support.brother.com/g/b/downloadtop.aspx?c=us&lang=en&prod=$($PrinterModel.ToLower())_eus" # Get the latest firmware version from Brother's website $LatestFirmwareInfo = (Invoke-WebRequest -Uri $FirmwareURL -UseBasicParsing).Links | Where-Object { $_.href -like "*.firm" } | ForEach-Object { @{ Version = $_.innerText.Trim() -replace '[^0-9.]', ''; DownloadUrl = $_.href } } | Sort-Object -Descending -Property Version | Select-Object -First 1 if (!$LatestFirmwareInfo) { Write-Host "Couldn't retrieve the latest firmware version for the printer model. Please verify the printer model an...
Read more

PowerShell to Download All Critical/High Lacework Alerts From the Last 24 Hours

Not sure how many folks here would use this but I needed this as part of a larger project so I thought I would share: # Define Lacework API key, endpoint, and time range $APIKey = "your_lacework_api_key" $BaseURI = "https://api.lacework.net/api/v1" $TimeRange = (Get-Date).AddHours(-24).ToString("yyyy-MM-ddTHH:mm:ssZ") # Create authentication headers $Headers = @{ 'Content-Type' = 'application/json' 'x-api-key' = $APIKey } # Define function to get alerts function Get-LaceworkAlerts($severity, $since) { $URI = "$BaseURI/external/vulnerabilities/container?start_time=$since&severity=$severity" try { $Response = Invoke-WebRequest -Uri $URI -Headers $Headers -Method Get $Alerts = ($Response.Content | ConvertFrom-Json).data } catch { Write-Error "Error fetching Lacework alerts: $_" $Alerts = $null } return $Alerts } # Get critical and high alerts ...
Read more