Set DNS servers via GPO Server 2012 R2

You may also like...

55 Responses

  1. Leo says:

    Great. Thanks. How to modify the script if more than two dns?

  2. Nikolinjo says:

    We havent’ tried it, but you can try to add additional DNS servers like this:

    @echo off
    set dnsserver=192.168.1.1
    set dnsserver2=192.168.1.2
    set dnsserver3=192.168.1.3
    for /f “tokens=1,2,3*” %%i in (‘netsh interface show interface’) do (
    if %%i EQU Enabled (
    rem echo change “%%l” : %dnsserver%
    netsh interface ipv4 set dnsserver name=”%%l” static %dnsserver% both
    netsh interface ipv4 add dnsserver name=”%%l” %dnsserver2% index=2
    netsh interface ipv4 add dnsserver name=”%%l” %dnsserver3% index=3
    )
    )

    With index value you specify the position of the added DNS server in the list of DNS servers for the interface.
    Please let me know if it worked for you.
    Regards.

  3. Leo says:

    Thanks a lot, I will try later

  4. Leo says:

    It worked. But I got a pop-up message “The configured DNS server is incorrect or does not exist.” How to get rid of it?

  5. Nikolinjo says:

    Can you please provide a screenshot.
    All DNS servers that you have specified are configured and online?

  6. Leo says:

    Forget about the pop-up message. However, the login script can only work for those who has admin right account. Any other way this can be fixed?

  7. Nikolinjo says:

    If you deploy it via Group Policy it will run normally under user permissions.

  8. Mtedross says:

    How to modify the script to apply it to just one interface. Basically applying script to 1st interface, which in most cases in the wired connection, and exclude the wireless interface, which always comes after the wired interface.

    • Nikolinjo says:

      This script applies changes only to one interface.

      • Mtedross says:

        It is applying the settings to all available interfaces. all the wireless network cards on all the laptops of the organization get both corporate DNS IPs.

      • Dean says:

        Any update to this script to only apply to the “Ethernet” LAN only? As listed above, it’s applies to everything with is not ideal.

  9. NS says:

    Hi nikolinjo,

    We have deployed this DNS script to put the DNS servers, however now we need to remove them but unable to run the removal script. What changes i need to do in the script to remove then DNS ?

  10. Nikolinjo says:

    Hi NS,

    have you tried to remove the script from GPO containter and navigating to:
    Computer Configuration | Administrative Templates | Network | DNS Client | DNS Servers

    Set this setting to Disabled and see if it helps.

    Regards,
    Nik

  11. NS says:

    Thanks Niko but this setting will not work since it only supports Windows XP.
    Do you have any other suggestion, if there is any script ?

  12. Rob says:

    Nikolinjo, this looks like exactly what I need. I’m migrating users from domain1 to domain2 (in phases), and have already migrated all IP space from domain1 to domain2’s DHCP (which are different). Now, within the same DHCP scope, I have domain2 FQDN along with domain1 FQDN clients. I can’t use 2012’s DHCP policy, since checking the condition of FQDN doesn’t allow any option changes (i.e. applying DNS settings for each domain). I’m going to try this (via GPO) to apply changes based on the FQDN suffix. Fingers crossed!

  13. Dean says:

    Hi Nikolinjo,

    I’ve put in my parameters for this script, but it’s failing to run. When I try to run the batch file via command prompt, I get the error: “1 was unexpected at this time.”

    Any ideas? I really need this working. Thanks!

    • Nik says:

      Can you post script changes you have made. You can fake ip addresses.

      • Dean says:

        @echo off
        set dnsserver=xxx.xxx.xxx.xx
        set dnsserver2=xxx.xxx.xxx.xx
        set dnsserver3=xxx.xxx.xx.xx
        for /f “tokens=1,2,3*” %%i in (‘netsh interface show interface’) do (
        if %%i EQU Enabled (
        rem echo change “%%l” : %dnsserver%
        netsh interface ipv4 set dnsserver name=”%%l” static %dnsserver% both
        netsh interface ipv4 add dnsserver name=”%%l” %dnsserver2% index=2
        netsh interface ipv4 add dnsserver name=”%%l” %dnsserver3% index=3
        )
        )

        I think I may have found the issue. From some reason, notepad can paste different double quotes. Some are straight the others are curved. That’s the only difference I could see.

        Also, it tells me I need to run under elevated permissions. I need this to apply to users who won’t have local admin rights on any given workstation. Will the script still run via GPO?

  14. Nik says:

    It’s a startup script, so it is under Computer Configuration.
    Please read the article again:
    Computer Configuration | Administrative Templates | Network |DNS Client | DNS Servers

  15. Israel R. says:

    Hi Nik. I have the same problem, the GPO does not apply to clients with W7 applies only copying the file locally and running as administrator. Any idea??
    Thank you

  16. Nik says:

    Can you run gpresult /R on one of the Win7 machines to see if the policy has actually been applied?

  17. Nikica says:

    Hmm, then you did something wrong 🙁 I can’t help you if I don’t see the policy in place. 🙁

  18. Muhammed says:

    I have applied same setting and it is not working. Please advise

  19. Muhammed says:

    I figured out and its working now. I want to set it back to DHCP when user shutdown the computer, could you please suggest what changes need to done in this script for this.

  20. Jorge Sanchez Cruz says:

    Hi. thanks for the information.
    I ran the bat in windows Server 2012 R2 and Windows 10 and worked fine but not on Windows 7.
    for windows 7 we created a new bat as shown below and ras as administrator.
    wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder (“10.10.10.1”, “10.10.10.2”, “192.168.10.1”)

    That works for us without modify anything to Windows 7.

    Thanks for your help, I do appreciate it.

    Blessings.

  21. n4 says:

    the script in the article doesn’t work as a Startup Script. I can run it locally, but that’s not helpful.

    • n4 says:

      My bad. It works fine if you set a network startup delay and ‘wait for network’ at startup. New domain, didn’t already have those in place. Works great.

  22. Alex Dunn says:

    Hey, don’t know if anyone is still checking this. This script was helpful! However, several of the machines I’m trying to run it on have more than one ethernet adapter built into their motherboard, and which one we use is different depending on the machine. This script always seems to run on the first one, rather than the one that is active. I’m trying to add to the script to have it at least run on the first two ethernet adapters it finds, which should handle every use case I need it for. Any advice?

    • Nik says:

      Hey Alex,
      can you try to add this syntax for other adapters:
      netsh interface set interface name=”interface name” ipv4 set dnsserver name=”%%l” static %dnsserver% both

  23. Gilbert says:

    Nik,

    Thanks for the post. It has got me going in the right direction. I am trying to use the second version of the script with the WINS server, but we have two WINS servers. How do I update the second script to account for the second WINS server?

  24. Gilbert says:

    Hi Nik,

    I tried that but was getting an error until I realized that somehow the quotes were changed to curly quotes and it prevented it from working. I also had to add the second DNS server as another variable at the beginning. I also used a slightly different command but it is working. Here is what it looks like:

    @echo off
    set dnsserver=192.168.1.1
    set dnsserver2=192.168.1.2
    set winsserver=192.168.1.3
    set winsserver2=192.168.1.4
    for /f “tokens=1,2,3*” %%i in (‘netsh interface show interface’) do (
    if %%i EQU Enabled (
    rem echo change “%%l” : %dnsserver%
    netsh interface ipv4 set dnsserver name=”%%l” static %dnsserver% both
    netsh interface ipv4 add dnsserver name=”%%l” %dnsserver2% index=2
    netsh interface ipv4 set winsserver name=”%%l” static %winsserver%
    netsh interface ipv4 add winsserver name=”%%l” %winsserver2% index=2
    )
    )

    Thanks again for the post!

  25. khoa says:

    Dear Nik,
    In my system there are already two DNS servers, now I want to add 2 (or more) new IP DNS servers. how do i update the script to add new ip server dns, please help me, thanks a lot Nik

  26. Paul Ireland says:

    I have roughly 6 dns servers for 3 sites. I would like to assign all DNS servers to all servers, but have the primary and secondary be the ones at the local site.

    Is there a way to use group policy to assign DNS addresses in a particular order based on the site?

  27. emeric says:

    doesn’t work for me
    no error in batch file
    same ip …

    try this too the same :
    netsh int ipv4 set dns name=”%%l” static %DNS1% primary validate=no
    netsh int ipv4 add dns name=”%%l” %DNS2% index=2 validate=no

  28. Michael Hamilton says:

    I like the script and the feedback. If I wanted to remove WINS can it be done in the same script ? Going to start testing the script by tomorrow I hope.

    • Nik says:

      Haven’t tried it but it should work with the following command:
      netsh interface ipv4 delete winsserver name=”%%l” static %winsserver%

      Please let us know the outcome.

  29. Mike Hamilton says:

    I have not tried the WINS part yet .. And rookie question. I have put the ip’s in I want to assign and saved the script as a bat file .. Tried to run as admin and within a admin command prompt window and no luck .. In command prompt window just say 1 unexpected at this time and nothing. Been a long time since I have tried to do this. I put the script into notepad and saved as a bat file ? Any help would be cool. this is not a powershell correct ?

    • Nik says:

      Correct, save it as a .bat, but make sure that you have unchecked the “hide extensions for known file types” option. Otherwise, you’ll save the file in the .bat.txt file format.

  30. Michael hamilton says:

    I really appreciate you getting back so fast .. 🙂 And feeling like its Monday. I read the one guy who had the same error and mentioned the quotes issue .. So I installed notepad++ to use instead since it has a specific save as .bat and some other stuff .. So I cut and pasted it into that and saved again and got the same issue .. I’m using the one you added the third dns server to as we have three we want to change .. And if you mean the hide extensions in windows explorer I toggle it and see the .bat disappear and come back with no .txt added .. This is the one I cut and paste .. Just changing the IP to match what we want

    @echo off
    set dnsserver=192.168.1.1
    set dnsserver2=192.168.1.2
    set dnsserver3=192.168.1.3
    for /f “tokens=1,2,3*” %%i in (‘netsh interface show interface’) do (
    if %%i EQU Enabled (
    rem echo change “%%l” : %dnsserver%
    netsh interface ipv4 set dnsserver name=”%%l” static %dnsserver% both
    netsh interface ipv4 add dnsserver name=”%%l” %dnsserver2% index=2
    netsh interface ipv4 add dnsserver name=”%%l” %dnsserver3% index=3
    )
    )

  31. Mike Hamilton says:

    Next side note .. yay .. lol .. I went through the script and refreshed all the “.s … And it works now .. 🙂 so not sure what the cut and paste does but I had to fix my quotes like the other guy … So will try the remove WINS in a bit .. THANKS!! Boss will like progress ..

    • Nik says:

      K’m glad it’s working. BTW, if it’s working without issues I will update this article.
      Thanks and have a nice weekend 🙂

  32. Mike Hamilton says:

    Only things I had were the first echo command gave an error like there is some hidden ascii that effects that .. And first try at wins deleting did not work. Says parameter is incorrect. Think I have the right ” in that command .. I just added it at the end of the script if it should work there ? There other stuff still works.

  33. Omar López says:

    Well, for using with windows in another language you shuld change
    ” if %%i EQU Enabled ”
    instead of Enabled you should place the translation for the windows language, for example, Enabled in spanish is Habilitado, this will make it work

    • Vladimir says:

      @echo off
      chcp 861>nul

      For russian example:) Change your codepage and script ask you in William Shakespeare language!!!

  34. MICHAEL HAMILTON says:

    Sorry got out on other things for a while .. thanks for the information again .. My echo looks just like the script metioned ..

    @echo off
    set dnsserver=x.x.x.x

    that’s what gave me the error .. And I found a article to confirm I was setting up the GPO right and that article says I need to not only put my bat file in a certain location (have done that) but also says I need to add logon.bat ? Is that true .. I will probably test without to start.

    https://www.websense.com/content/support/library/web/v78/logon_agent/la_configure_scripts.aspx

  35. MICHAEL HAMILTON says:

    I mean logonapp.exe

  36. Javier says:

    Hi, I also recommend using powerhsell. This will allow you to change an old DNS server for a new one.

    $inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$_.ServerAddresses -contains “192.168.0.245” -or $_.ServerAddresses -contains “192.168.0.207”}
    foreach($nic in $inet1){
    Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses (“192.168.0.245″,”192.168.0.114”)
    }

    ## then just create a GPO to call this powerhsell.ps1 file script as an immediate Schedule tasks , and this will make the changes.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.