Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[New Resource] DNSClientNRPTRule #114

Open
PlagueHO opened this issue Apr 28, 2016 · 6 comments · May be fixed by #533
Open

[New Resource] DNSClientNRPTRule #114

PlagueHO opened this issue Apr 28, 2016 · 6 comments · May be fixed by #533
Assignees
@PlagueHO
Labels
help wanted The issue is up for grabs for anyone in the community. resource proposal The issue is proposing a new resource in the resource module.

Comments

@PlagueHO
Copy link
Member

Need a resource to add/remove/edit DNS Client NRPT rules, including configuring entries for DA and IPSec.
@tysonjhayes
Copy link
Collaborator

Are there existing powershell commands for this? If so what are they? Just trying to give a leg up to anyone who wants to come in as a first stab.

@PlagueHO
Copy link
Member Author

PlagueHO commented May 3, 2016

@tysonjhayes - good point!

The cmdlets to use to manipulate this stuff are:

Get-DnsClientNRPTRule
Set-DnsClientNRPTRule
Remove-DnsClientNRPTRule

Here is an example of a rule I have on one of my machines that forces DNS Searches for .plagueho.local to go to the DNS Server 192.168.1.10.

2016-05-03_16-12-29

Outside of PowerShell, NRPT rules are usually managed by Group Policy (or Local Policy):
2016-05-03_16-14-24

The key tasks for NRPT is for implementing DNSSEC, IPSEC, DA and directing DNS requests to specific servers based on the prefix/suffix etc. So the resource should support at a minimum the following parameters:
GPOName (even though this is not being applied by a GPO) - this is a GUID.
IPsecCARestriction
DirectAccessDnsServers
DirectAccessEnabled
DirectAccessProxyType
DirectAccessProxyName
DirectAccessQueryIPsecEncryption
DirectAccessQueryIPsecRequired
NameServers
DnsSecEnabled
DnsSecQueryIPsecEncryption
DnsSecQueryIPsecRequired
DnsSecValidationRequired
NameEncoding
DisplayName
Comment

@PlagueHO PlagueHO mentioned this issue May 12, 2016
Closed
@PlagueHO
Copy link
Member Author

PlagueHO commented Jul 3, 2016

I'll start working on this one as I'm going to be needing it at work soon. @tysonjhayes - if you get a mo could you label this issue as in progress? Cheers sir!

@kwirkykat kwirkykat added in progress The issue is being actively worked on by someone. resource proposal The issue is proposing a new resource in the resource module. labels Aug 2, 2016
@tysonjhayes
Copy link
Collaborator

@PlagueHO Are you still working on this?

@PlagueHO
Copy link
Member Author

PlagueHO commented Jan 20, 2017
edited
Loading

@tysonjhayes - it's on the backlog... But I'm not sure when I'll actually get to it. I've got a few other resources to get done before I'll get to this (this weekend is assigned to creating the new xCertificateExport resource in xCertificate).

@PlagueHO PlagueHO added help wanted The issue is up for grabs for anyone in the community. and removed in progress The issue is being actively worked on by someone. labels Oct 23, 2018
@webalexeu
Copy link

Hello,
We have the same need so I will try to work on this and propose a PR shortly to integrate those new resources

@webalexeu webalexeu linked a pull request Mar 10, 2025 that will close this issue
Open
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@PlagueHO PlagueHO

Labels
help wanted The issue is up for grabs for anyone in the community. resource proposal The issue is proposing a new resource in the resource module.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

DnsClientNrptGlobal-DnsClientNrptRule: New resources webalexeu/NetworkingDsc
4 participants
@tysonjhayes @kwirkykat @PlagueHO @webalexeu