question

emilemilmammadli-6480 avatar image
0 Votes"
emilemilmammadli-6480 asked RichMatheisen-8856 commented

Add confirmation to powershell script

Hello everyone,

I have one powershell script. https://itdungeon.blogspot.com/2021/11/update-dns-static-servers-in-your-local.html

$inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$.ServerAddresses -contains "192.168.0.245" -or $.ServerAddresses -contains "192.168.0.207"}
foreach($nic in $inet1){
Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114")
}

I want to add automatically answer yes. How can I do? Please help me. Thanks.

windows-server-powershell
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

4 Answers

Thameur-BOURBITA avatar image
0 Votes"
Thameur-BOURBITA answered emilemilmammadli-6480 commented

Hi,

If I understand your question , you want add confirmation for each NIC modification.
Below a Example :

 $inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$_.ServerAddresses -contains "192.168.0.245" -or $_.ServerAddresses -contains "192.168.0.207"}
    
 foreach($nic in $inet1){
    
 $interfaceAlias = $nic.InterfaceAlias
 $yes = Read-Host -Prompt "type Yes to confirm the modification on $interfaceAlias :"
    
 if($yes -eq "Yes"){
 Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114")
 }
 }

Please don't forget to mark helpful reply as answer

· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RichMatheisen-8856 avatar image RichMatheisen-8856 ·

. . . or remove lines 4, 5. 6, 7, 8, and 10. Then add the -Confirm switch to line 9.

0 Votes 0 ·
emilemilmammadli-6480 avatar image emilemilmammadli-6480 RichMatheisen-8856 ·

Hi,

187745-confirm.png



I want not appear this message box. Automatically answer yes. Not manually.

0 Votes 0 ·
confirm.png (12.9 KiB)
RichMatheisen-8856 avatar image
0 Votes"
RichMatheisen-8856 answered RichMatheisen-8856 commented

Before you run your script, run this:

 Get-ExecutionPolicy -List
    
    
         Scope ExecutionPolicy
         ----- ---------------
 MachinePolicy       Undefined
    UserPolicy       Undefined
       Process    RemoteSigned
   CurrentUser       Undefined
  LocalMachine    RemoteSigned

There is nothing in that script that changes the execution policy. Are you seeing that warning when you start a PowerShell session (before you run anything)? If you do, it's because there's something in the PowerShell profile that trying to change it.

Also check the $Profile variable when you start the session with "run as administrator" and when you start a session as an unprivileged user.

Have a look at this, too: about_profiles


· 5
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

emilemilmammadli-6480 avatar image emilemilmammadli-6480 ·

I run this ps1 file administrator user. I've added Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine in first line in this script but again ask me.


My script is:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine |
$inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$.ServerAddresses -contains "192.168.6.11" -or $.ServerAddresses -contains "192.168.1.11"}
foreach($nic in $inet1){
Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114")
}



188102-dnsscript.png


I click Run with PowerShell and appear this message:

Execution Policy Change
The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose
you to the security risks described in the about_Execution_Policies help topic at
http://go.microsoft.com/fwlink/?LinkID=135170. Do you want to change the execution policy?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"):




I want to this not appear. When I click Run with PowerShell change DNS IP.



0 Votes 0 ·
dnsscript.png (4.5 KiB)
RichMatheisen-8856 avatar image RichMatheisen-8856 emilemilmammadli-6480 ·

Add the "-Force" switch to the Set-ExecutionPolicy cmdlet.

You didn't say what the LocalMachine policy is, though. Is it set by a GPO? If so, it may not be able to be overridden.

0 Votes 0 ·
emilemilmammadli-6480 avatar image emilemilmammadli-6480 RichMatheisen-8856 ·

Thank you for answer. But I cannot solve.

Set-ExecutionPolicy -Force
$inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$.ServerAddresses -contains "192.168.6.11" -or $.ServerAddresses -contains "192.168.1.11"}
foreach($nic in $inet1){
Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114")
}

Is it right? I've typed also

Set-ExecutionPolicy -Force |
$inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$.ServerAddresses -contains "192.168.6.11" -or $.ServerAddresses -contains "192.168.1.11"}
foreach($nic in $inet1){
Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114")
}


and also



$inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$.ServerAddresses -contains "192.168.6.11" -or $.ServerAddresses -contains "192.168.1.11"}
foreach($nic in $inet1){
Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114") | Set-ExecutionPolicy -Force
}


But after all variants appear message.

0 Votes 0 ·
emilemilmammadli-6480 avatar image emilemilmammadli-6480 RichMatheisen-8856 ·

Thank you for answer. But I cannot solve.

Set-ExecutionPolicy -Force
$inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$.ServerAddresses -contains "192.168.6.11" -or $.ServerAddresses -contains "192.168.1.11"}
foreach($nic in $inet1){
Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114")
}

Is it right? I've typed also

Set-ExecutionPolicy -Force |
$inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$.ServerAddresses -contains "192.168.6.11" -or $.ServerAddresses -contains "192.168.1.11"}
foreach($nic in $inet1){
Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114")
}


and also



$inet1=Get-DnsClient | Get-DnsClientServerAddress | where{$.ServerAddresses -contains "192.168.6.11" -or $.ServerAddresses -contains "192.168.1.11"}
foreach($nic in $inet1){
Set-DnsClientServerAddress -InterfaceIndex $nic.InterfaceIndex -ServerAddresses ("192.168.0.245","192.168.0.114") | Set-ExecutionPolicy -Force
}


But after all variants appear message.

0 Votes 0 ·
Show more comments
emilemilmammadli-6480 avatar image
0 Votes"
emilemilmammadli-6480 answered

I've found this script

Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter IPEnabled=TRUE | Where-Object {!$.DHCPEnabled} | ForEach-Object { $.SetDNSServerSearchOrder('8.8.8.8','8.8.8.4')}


https://docs.microsoft.com/en-us/answers/questions/174234/how-to-add-dns-record-only-to-computers-with-stati.html

It's a great script. But when I clicked appear this error:

annot find an overload for "SetDNSServerSearchOrder" and the argument count: "2".
At C:\Users\Administrator\Desktop\dns12.ps1:1 char:131
+ ... rEach-Object { $_.SetDNSServerSearchOrder('8.8.8.8','8.8.8.4')}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodException
+ FullyQualifiedErrorId : MethodCountCouldNotFindBest


But when I type one DNS ip, process is done. How can I solve?

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

NewbieJones-6218 avatar image
0 Votes"
NewbieJones-6218 answered RichMatheisen-8856 commented

You can't have the execution policy in the script.

You set this outside the script. If this is running from a server, its usually dictated by some sort of group policy for that server. As its not feasible to have to set the execution policy each and every time.

I have policies that allow unrestricted access, but only from a certain number of dev machines and the integration server that runs scripts. (But your scripts really should be signed).

If you can't set\force the execution policy, its probably down to rights and policy, which you will need to speak to your administrators about.

Certain organisations will block unsigned scripts from running or only allow from certain workstations.

· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RichMatheisen-8856 avatar image RichMatheisen-8856 ·

If his unsigned script was prevented from running by an existing execution policy he would never get to the warning that the policy was about to be changed. That kinda says that the policy is either RemoteSigned or another that allows the running of unsigned scripts. That brings into question why he's even trying to change the policy in the first place!

So far he's provided no information about what the existing execution polices are.

0 Votes 0 ·