Tuesday, October 16, 2018

New-PSDrive - PowerShell Cmdlet of the Week

To launch this series of exploring a PowerShell cmdlet each week, I'd like to start off with one I discovered last week.

New-PSDrive

I had need of this particular cmdlet as I was setting up a Hyper-V Server 2019 host and I needed to get the ISO images from a file share located on a remote file server called FILE01. Normally I would use the "Map Network Drive" utility built into File Explorer, but as there isn't a GUI to use, I needed a different solution. While I could have fallen back on the classic net use command, I thought it might be nice to figure out how to use PowerShell to accomplish this task.

As it turns out, it is really easy to connect to a remote file share. You simply enter:

New-PSDrive -Name Z -Root "\\file01\LabShare" -PSProvider Filesystem

To break down this list of parameters:
-Name Z  -  Assigns the drive letter "Z"
-Root "\\file01\LabShare"  -  Specifies the remote server and share name
-PSProvider Filesystem  -  Tells the cmdlet that we want to use the filesystem provider
-Persist  -  Optionally, you can use this parameter to reconnect to the share at the next login

To confirm that we were successful, simply run Get-PSDrive.

As you can see, we have successfully connected to our file share.

That's all there is to it!
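
A session-scoped variant of the mapping above, as an added example that is not from the original post: it supplies explicit credentials, copies one ISO, checks its SHA-256 hash and removes the drive again. The ISO file name, destination folder and expected hash are placeholders, and the drive name Lab is arbitrary.

```powershell
# Added example. FILE01 and LabShare come from the post; everything marked
# "placeholder" must be replaced with your own values.
$share    = '\\file01\LabShare'
$isoName  = 'example.iso'              # placeholder file name
$expected = '<SHA256-OF-THE-ISO>'      # placeholder: hash published by the vendor
$dest     = 'C:\ISO'                   # placeholder destination folder

# Prompt for the share account instead of embedding a password in the script.
$cred = Get-Credential -Message "Account with read access to $share"

try {
    # Without -Persist the drive lives only in this session, so any name is allowed.
    New-PSDrive -Name Lab -PSProvider FileSystem -Root $share `
        -Credential $cred -ErrorAction Stop | Out-Null

    New-Item -ItemType Directory -Path $dest -Force | Out-Null
    Copy-Item -Path "Lab:\$isoName" -Destination $dest -ErrorAction Stop

    # Verify the copy before attaching it to any virtual machine.
    $local  = Join-Path $dest $isoName
    $actual = (Get-FileHash -Path $local -Algorithm SHA256).Hash
    if ($actual -ne $expected) {
        Remove-Item -Path $local
        throw "Hash mismatch for $isoName (got $actual)"
    }
    Write-Output "Copied and verified $local"
}
finally {
    # Always drop the mapping so the authenticated session does not linger.
    if (Get-PSDrive -Name Lab -ErrorAction SilentlyContinue) {
        Remove-PSDrive -Name Lab
    }
}

# For a persistent mapping, -Persist requires a drive letter as the name, and
# inside a script the drive only outlives the script with -Scope Global:
# New-PSDrive -Name Z -PSProvider FileSystem -Root $share -Credential $cred -Persist -Scope Global
```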


Wednesday, February 14, 2018

Configuring and Managing GlobalNames Zones

This post is going to cover some introductory information on creating GlobalNames zones for Windows Server 2012/2012 R2, and will cover much of the Microsoft 70-412 exam objective 4.6.2 "Configure a GlobalNames zone". The information I am sharing here is based on my study notes for the 70-412 exam. While GlobalNames zones are also available on Windows Server 2016, this article focuses specifically on Windows Server 2012 R2 and the Microsoft 70-412 exam objective.

The GlobalNames zone is a special DNS zone that allows for single-label name resolution, versus a FQDN (Fully Qualified Domain Name) lookup. It is utilized by clients if name resolution fails to yield results using either the Primary or Secondary DNS search suffixes, and is intended as a replacement for WINS. While GlobalNames covers some of the functions provided by WINS, it also adds a few new capabilities. GlobalNames provides this service via DNS by utilizing single-label CNAME records that are aliases for existing host records located in other DNS zones.

There are a couple of things to note about how a DNS server interacts with the GlobalNames zone, and how it changes the behavior slightly. First, an authoritative DNS server handles searches in the following order until name resolution is achieved: local zone data, then the GlobalNames zone, and then, if it is still unsuccessful, it hands the query off to a WINS server (if available). Second, when a DNS server is processing Dynamic DNS updates, it first checks the GlobalNames zone to ensure that the new entry is unique prior to adding it to a locally hosted zone.

While it may not be a commonly deployed solution, here are a few specific use cases where you might consider using GlobalNames:
  • You need to be able to provide single-label name resolution to IPv6 hosts. WINS does not support using IPv6 addresses.
  • You have only a small number of hosts that need single-label name resolution.
  • You are looking to retire WINS and move to a DNS-only name resolution model, but you still have a requirement for single-label names for some legacy applications.

It is also important to be aware of these gotchas:
  • The GlobalNames zone does not populate automatically. Each entry must be added manually.
  • It is not intended to support peer-to-peer networks for workstation name resolution.
  • It does not support Dynamic DNS updates, so any changes must be edited manually.
  • While it is possible to configure GlobalNames to work between Active Directory forests, it requires some additional steps that are beyond the scope of this article.

While there aren't many requirements for using a GlobalNames zone, there are a couple. First, you must be running Windows Server 2012/2012 R2. Second, all other DNS servers must be running Windows Server 2008 or higher.

To configure a GlobalNames zone, follow these 3 simple steps:
  1. Create a new AD Integrated zone called ‘GlobalNames’ and set it to replicate to the entire forest
  2. Activate the GlobalNames zone on each DNS server in the forest by running this PowerShell cmdlet: Set-DnsServerGlobalNameZone -ComputerName servername -Enable $true
  3. Create entries in the GlobalNames Zone

Demo: Configure a GlobalNames Zone using PowerShell

In this demo, we are going to configure the GlobalNames zone and add an entry. It is possible to use the DNS management console to create the GlobalNames zone and add entries; however, I have chosen not to demo that here, and instead focus on using PowerShell.

This lab environment consists of four Windows Server 2012 R2 domain controllers. They are all in the same forest and all have DNS installed. The domain controller placement is as follows:

DC01 & DC02 - contoso.com (forest root domain)
DC03 - canada.contoso.com (child domain)
DC04 - wingtiptoys.com (tree domain)

Step 1: Create a new AD Integrated zone called ‘GlobalNames’ and set it to replicate to the entire forest, then verify the zone was created:

Add-DnsServerPrimaryZone -Name GlobalNames -ReplicationScope Forest

Get-DnsServerZone | Where ZoneName -eq "GlobalNames"


Step 2: Activate the GlobalNames zone on each DNS server in the forest. In this case we want to activate it on all four domain controllers, so in order to save a bit of time, we can use a foreach loop.

$servers = "DC01","DC02","DC03","DC04"
foreach ($dnsserver in $servers)
{
    Set-DnsServerGlobalNameZone -ComputerName $dnsserver -Enable $true
}




Step 3: Create an entry in the GlobalNames zone. We are going to create a single-label name called financeapp and point it to webapp25.contoso.com, then verify that it was created.

Add-DnsServerResourceRecordCName -ZoneName GlobalNames `
    -HostNameAlias "webapp25.contoso.com" -Name "financeapp"

Get-DnsServerResourceRecord -ZoneName GlobalNames -RRType CName
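
Because GlobalNames entries are added by hand and are not updated dynamically, an alias can outlive the host it points to. The following audit is an added example, not part of the original post: it checks that the zone is enabled on each demo server and flags CNAME entries whose targets no longer resolve. It assumes the demo's server names and queries DC01 for the zone contents.

```powershell
# Added example: server names and the zone name come from the demo above.
$servers = "DC01","DC02","DC03","DC04"

# 1. Confirm GlobalNames support is switched on for every DNS server.
#    Enable, GlobalOverLocal and BlockUpdates are properties of the object
#    returned by Get-DnsServerGlobalNameZone.
$state = foreach ($dnsserver in $servers) {
    $gnz = Get-DnsServerGlobalNameZone -ComputerName $dnsserver
    [pscustomobject]@{
        Server          = $dnsserver
        Enabled         = $gnz.Enable
        GlobalOverLocal = $gnz.GlobalOverLocal
        BlockUpdates    = $gnz.BlockUpdates
    }
}
$state | Format-Table -AutoSize

# 2. List every CNAME in the zone and check that its target still resolves.
$records = Get-DnsServerResourceRecord -ComputerName $servers[0] `
    -ZoneName GlobalNames -RRType CName

$audit = foreach ($rr in $records) {
    $target = $rr.RecordData.HostNameAlias
    $answer = Resolve-DnsName -Name $target -Server $servers[0] -DnsOnly `
        -ErrorAction SilentlyContinue
    # Keep only answers that carry an address (A or AAAA records).
    $ips = @($answer | Where-Object { $_.IPAddress } |
             ForEach-Object { $_.IPAddress })
    $status = 'OK'
    if ($ips.Count -eq 0) { $status = 'DANGLING' }

    [pscustomobject]@{
        Alias     = $rr.HostName
        Target    = $target
        Addresses = $ips -join ', '
        Status    = $status
    }
}
$audit | Sort-Object Status, Alias | Format-Table -AutoSize

# Entries marked DANGLING point at names with no address record and should be
# corrected or removed before someone else can register that host name.
$dangling = @($audit | Where-Object Status -eq 'DANGLING')
Write-Output ("{0} alias(es) need review" -f $dangling.Count)
```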

That's all there is to it. Creating and managing a GlobalNames zone using PowerShell is relatively simple.

Have a great week everyone!