WinBoss

Reputation: 923

Azure DSC. HA Active Directory Domain Controller issue with Windows Server 2016

I'm trying to modify the official HA DC example to work with Windows Server 2016: https://github.com/Azure/azure-quickstart-templates/tree/master/active-directory-new-domain-ha-2-dc After updating the xActiveDirectory module that addresses a race condition on Windows Server 2016, it gives me one more error. The final script, which resides in ConfigureADBDC.ps1, fails:

    Script script1
    {
        SetScript =
        {
            $dnsFwdRule = Get-DnsServerForwarder
            if ($dnsFwdRule)
            {
                Remove-DnsServerForwarder -IPAddress $dnsFwdRule.IPAddress -Force
            }
            Write-Verbose -Verbose "Removing DNS forwarding rule"
        }
        GetScript =  { @{} }
        TestScript = { $false }
        DependsOn = "[xADDomainController]BDC"
    }

PowerShell DSC resource MSFT_ScriptResource failed to execute Set-TargetResource functionality with error message: Failed to get information for server ADBDC.

When I execute Get-DnsServerForwarder I see this:

PS C:\Users\adAdministrator> Get-DnsServerForwarder
    UseRootHint        : True
    Timeout(s)         : 3
    EnableReordering   : True
    IPAddress          : 
    ReorderedIPAddress : 

However, after some time it changes to this:

PS C:\Users\adAdministrator> Get-DnsServerForwarder
    UseRootHint        : True
    Timeout(s)         : 3
    EnableReordering   : True
    IPAddress          : 10.0.0.4
    ReorderedIPAddress : 10.0.0.4

So, my question is: what is that DnsServerForwarder used for? Is it even needed? How is it possible to fix this issue?

Upvotes: 1

Views: 346

Answers (1)

4c74356b41

Reputation: 72191

Well, a hackish way would be:

SetScript = {
    do {
        $dnsFwdRule = Get-DnsServerForwarder
    } while ( $dnsFwdRule.IPAddress -eq $null )
    if( $dnsFwdRule ) {
        Remove-DnsServerForwarder -IPAddress $dnsFwdRule.IPAddress -Force
    } 
    Write-Verbose -Verbose "Removing DNS forwarding rule"
}

Note, this could lead to an infinite loop ;) You can fix that by adding something like this:

$i = 0
do
{
    $i++
    Start-Sleep 10
    $dnsFwdRule = Get-DnsServerForwarder
}
while ($i -lt 10 -and $dnsFwdRule.IPAddress -eq $null) 

As for the first question:

The Get-DnsServerForwarder cmdlet gets configuration settings on a DNS server. A forwarder is a Domain Name System (DNS) server on a network that is used to forward DNS queries for external DNS names to DNS servers outside that network.

Upvotes: 3
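
The answer's bounded wait folded into one complete Script resource, as an added example that is not part of the original answer or the quickstart template; it also catches the "Failed to get information for server" error while the DNS service is still starting. The configuration and resource names are assumptions, and the retry limits (10 tries, 10 seconds apart) are the answer's.

```powershell
# Added example, not from the original post or the Azure quickstart template.
# Configuration and resource names are hypothetical.
Configuration RemoveDnsForwarderExample
{
    Import-DscResource -ModuleName PSDesiredStateConfiguration

    Node localhost
    {
        Script RemoveDnsForwarder
        {
            # Inside ConfigureADBDC.ps1 this resource would keep the page's
            # DependsOn = "[xADDomainController]BDC" line.
            GetScript  = {
                $fwd = Get-DnsServerForwarder -ErrorAction SilentlyContinue
                @{ Result = ($fwd.IPAddress -join ',') }
            }

            # Kept as on the page: always run SetScript, because the forwarder
            # address can show up some time after the DNS service starts.
            TestScript = { $false }

            SetScript  = {
                $fwd = $null
                # Bounded wait so a forwarder that never appears cannot hang DSC.
                for ($i = 1; $i -le 10 -and -not $fwd.IPAddress; $i++) {
                    # -ErrorAction Stop turns the cmdlet's failure into a
                    # catchable error instead of failing Set-TargetResource.
                    try   { $fwd = Get-DnsServerForwarder -ErrorAction Stop }
                    catch { Write-Verbose -Verbose "DNS server not ready (try $i): $_" }
                    if (-not $fwd.IPAddress) { Start-Sleep -Seconds 10 }
                }

                if ($fwd.IPAddress) {
                    Write-Verbose -Verbose "Removing DNS forwarding rule"
                    Remove-DnsServerForwarder -IPAddress $fwd.IPAddress -Force
                }
                else {
                    # Skip the removal rather than pass an empty address.
                    Write-Verbose -Verbose "No forwarder appeared; nothing removed"
                }
            }
        }
    }
}
```

If a missing forwarder should count as a failed deployment rather than a no-op, replace the final `Write-Verbose` with `throw`.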
