PowerShell Code
Get-FSMORoles.ps1
View-only PowerShell code for review.
<#
.SYNOPSIS
This script will remove DNS records with M3, M03, D1, D01, S01, S05, D03 prefixes from all DNS zones on the domain it's run on.
.DESCRIPTION
This script connects to a DNS server using domain admin credentials checked out from CyberArk, retrieves all the zones, filters records with specified prefixes, deletes them and exports the results to a CSV file.
.EXAMPLE
Remove-DNSRecords.ps1
This example runs the script to connect to the DNS server, retrieve zones, filter records with specified prefixes, and remove those records.
.EXAMPLE
Remove-DNSRecords.ps1 -Credential (Get-Credential)
This example runs the script with specified credentials to connect to the DNS server, retrieve zones, filter records with specified prefixes, and remove those records.
.INPUTS
The script does not take any inputs directly, but you can modify the variables at the beginning of the script to change the prefixes to filter.
- Credential: The domain admin credentials to connect to the DNS server. This password must be checked out from CyberArk.
.OUTPUTS
The script outputs the status of the removal process, including any errors encountered during the removal.
.NOTES
This script is used for removing DNS records from a DNS server using specified prefixes.
Ensure you have the necessary permissions to access the DNS server and remove records.
The script will attempt to remove the filtered records and log the status to the console.
#>
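param(
    # Domain admin credential (checked out from CyberArk); prompts when -Credential is not supplied
    [System.Management.Automation.PSCredential]$Credential = (Get-Credential -Message "Enter Domain Admin credentials")
)
$cred = $Credential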
$script = {
    # Get the DNS zones and remove records with listed prefixes
    $zones = Get-DnsServerZone
    # Enter the prefixes you want to filter for. This assumes your server names are standardized with a prefix that indicates their location or environment.
    # Adjust the prefixes as needed for your environment. Each entry must be enclosed in quotes, with a comma between entries.
    # For example: $prefixes = @("P3", "P03", "R1", "R01", "R01", "T05", "Q03") (these letter designations are just examples; use whatever prefixes you want to filter for).
    $prefixes = @("Enter your server name prefixes here")
    foreach ($zone in $zones) {
        $records = Get-DnsServerResourceRecord -ZoneName $zone.ZoneName
        # Keep a record when its host name starts with any of the prefixes
        $filtered = $records | Where-Object {
            $hostname = $_.HostName
            $prefixes | Where-Object { $hostname -like "$_*" }
        }
        foreach ($record in $filtered) {
            try {
                # Pass the record object itself; -ErrorAction Stop makes a failed removal reach the catch block
                Remove-DnsServerResourceRecord -ZoneName $zone.ZoneName -InputObject $record -Force -ErrorAction Stop
                Write-Host "Removed record: $($record.HostName) from zone: $($zone.ZoneName)"
            } catch {
                Write-Warning "Failed to remove record: $($record.HostName) from zone: $($zone.ZoneName). Error: $_"
            }
        }
    }
}
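# Save script block to a temporary file.
# This file is executed below with domain admin credentials and -ExecutionPolicy Bypass,
# so make sure nothing else can modify it before it runs, and delete it once the run has finished.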
$tempScriptPath = "$env:TEMP\DnsCleanupScript.ps1"
$script | Out-File -FilePath $tempScriptPath
# Launch new PowerShell session with elevated credentials
Start-Process powershell.exe -Credential $cred -ArgumentList "-ExecutionPolicy Bypass -File `"$tempScriptPath`""
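
The description mentions exporting results to a CSV file, and the wildcard prefix match can select more records than intended. The block below is an added example, not part of the original script: a report-only pass that writes every matching record to a CSV for review and deletes nothing. The `$reportPath` value, the restriction to primary, non-auto-created zones, and the exclusion of SOA and NS records are assumptions of this example.

```powershell
# Added example: preview which records the prefix filter would select. Nothing is deleted.
# $prefixes and $reportPath are placeholder values; set them for your environment.
$prefixes   = @("P3", "P03", "R1")                            # sample prefixes from the script's comment
$reportPath = Join-Path $env:TEMP "DnsCleanupPreview.csv"     # hypothetical output path

# Assumption: only review zones this server hosts as primary and that were not
# auto-created (skips forwarders, stubs and built-in zones such as 0.in-addr.arpa).
$zones = Get-DnsServerZone |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }

$candidates = foreach ($zone in $zones) {
    Get-DnsServerResourceRecord -ZoneName $zone.ZoneName -ErrorAction Stop |
        Where-Object {
            $name = $_.HostName
            # Assumption: never list zone-infrastructure records, whatever their name.
            ($_.RecordType -notin @('SOA', 'NS')) -and
            [bool]($prefixes | Where-Object { $name -like "$_*" })
        } |
        ForEach-Object {
            [pscustomobject]@{
                ZoneName   = $zone.ZoneName
                HostName   = $_.HostName
                RecordType = $_.RecordType
                Timestamp  = $_.Timestamp     # empty for static records
                TimeToLive = $_.TimeToLive
            }
        }
}

# Write the review list; compare it against your inventory before running the removal.
$candidates | Export-Csv -Path $reportPath -NoTypeInformation
Write-Host "$(@($candidates).Count) matching record(s) written to $reportPath"
```

`Remove-DnsServerResourceRecord` also accepts `-WhatIf`, which reports what would be removed without changing the zone.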