Changing the DNS configuration for many clients by using PSExec and NetSH

Recently, I encountered the need to change the DNS settings of many virtual servers, following our migration to Server 2012 R2 and a new IP scheme for our virtual boxes. In doing so, I came up with the following command, which made use of the SysInternals (now Microsoft) PSExec tool and the standard Windows (since XP) NetSH. There is nothing new here, but I thought I’d write up the process in case it helped someone else who was trying to achieve the same or similar.


The Command Set

psexec.exe \\HOSTNAME -s cmd /c (ˆSETX tmp_adpt “Local Area Connection“ˆ ˆ&netsh interface ip set dns name=”%tmp_adpt%” source=static FIRST DNS IP primaryˆ ˆ&netsh interface ip add dns name=”%tmp_adpt%” addr=SECOND DNS IP index=2ˆ ˆ&netsh interface ip set wins name=”%tmp_adpt%” source=static addr=noneˆ)



The command sets the first and second DNS IP entries for the adapter specified, along with removing any legacy WINS IP entries, running from the system account (-s).

Extra commands can easily be added, encapsulating them within a circumflex ˆ and adding an ampersand ˆ& as the opening tag if you wish the command’s execution to be contingent on the exit code of the previous one being a success (0). When multiple commands are issued to PSExec, wrap the whole lot in parenthesis e.g. (ˆcommand1ˆ ˆ&command2ˆ) and use cmd /c as a prefix.

If preferred, instead of using the system account to authenticate to the remote computer, a set of credentials could be given, by replacing -s with something like -u adminuser -p password.

To apply the command set to multiple machines without a lot of manual typing, there are three choices, to my mind. One could use a file to specify multiple hostnames, by substituting the \\HOSTNAME for something like @C:\path\to\file.txt, which would contain hostnames or IP addresses, one per line. Alternatively, PSExec accepts a list of hostnames inline, using \\HOSTNAME1,HOSTNAME2 etc.  To be honest, I just used a well-known spreadsheet application to build up the command string, since my list of VMs was readily available to me in there from previous projects. Finally, you *could* broadcast the instruction to all machines on the domain, by using \\*, but I would discourage it, unless you are absolutely confident it is what you want to do…


Final Reflections

Whilst attempting to publish this article, I have discovered that WordPress does not appear to URL Encode these posts very well, in as much as my use of forward slashes and circumflexes caused the browser to throw the error “You don’t have permission to access /wp-admin/post.php on this server“.  Once I manual encoded the special characters, all was well, but I remain mildly unimpressed with what should be considered to be a bug.  It will be reported.


Further References




Posted under: DOS, Windows 7

Leave a Reply