PowerShell Script to Update DNS On Remote Servers

Managing DNS server settings across multiple Windows servers manually is time-consuming and error-prone. This guide walks through a PowerShell automation script that lets IT administrators update DNS configurations on multiple remote servers at once, with backup and verification, while preserving existing DNS entries.

Why Use This Script?

  • Time-saving: Update dozens of servers in minutes instead of hours
  • Preserves existing DNS: Keeps current DNS entries, moving them to the end of the list
  • Safe execution: Automatic backup, logging, and verification
  • Error-free: Eliminates manual configuration mistakes
  • Audit trail: Complete logs for compliance and troubleshooting

Prerequisites

Before running the script, ensure you have:

  • Administrative privileges on all target servers
  • PowerShell Remoting (WinRM) enabled on remote servers
  • Network connectivity to all target servers
  • PowerShell 5.1 or higher
  • Firewall rules allowing WinRM traffic (ports 5985/5986)

Enable PowerShell Remoting

On each remote server, run as Administrator:

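Enable-PSRemoting -Force
# TrustedHosts is a WinRM client setting, so it belongs on the machine that runs the script,
# and is needed only when targets are reached by IP address or are not domain-joined.
# Name the targets explicitly; the * wildcard lets the client authenticate to any host without verifying its identity.
Set-Item WSMan:\localhost\Client\TrustedHosts -Value "Server01,192.168.1.100" -Force
Restart-Service WinRM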

For domain environments, use Group Policy to enable WinRM across multiple machines.

How the Script Works

DNS Merge Logic

The script intelligently merges DNS entries:

  1. New DNS servers are placed first (priority positions)
  2. Existing DNS servers are preserved and moved to the end
  3. Duplicates are automatically removed

Example:

Current DNS:     192.168.1.1, 10.0.0.53
Desired DNS:     1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4, 5.5.5.5, 6.6.6.6

Final Result:    1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4, 5.5.5.5, 6.6.6.6, 192.168.1.1, 10.0.0.53
                 └─── New DNS (Priority) ───────────────────────────────┘ └── Preserved ──┘
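
The merge rules above as an added PowerShell example (not the downloadable script's own code; the function names Merge-DnsServerList and Test-DnsChangeNeeded are hypothetical). It also validates every entry, since a mistyped address in the desired list would otherwise be pushed to every server:

```powershell
# Added illustration; Merge-DnsServerList and Test-DnsChangeNeeded are hypothetical names.
function Merge-DnsServerList {
    param(
        [Parameter(Mandatory)][string[]]$Desired,
        [string[]]$Current = @()
    )
    $seen   = [System.Collections.Generic.HashSet[string]]::new()
    $merged = [System.Collections.Generic.List[string]]::new()
    # Desired entries are walked first, so they keep the priority positions.
    foreach ($entry in @($Desired) + @($Current)) {
        $text   = "$entry".Trim()
        $parsed = $null
        if (-not [System.Net.IPAddress]::TryParse($text, [ref]$parsed)) {
            throw "Not an IP address: '$entry'"
        }
        # TryParse accepts short and octal IPv4 forms ('8.8.8' parses as 8.8.0.8),
        # so reject any IPv4 input that does not round-trip unchanged.
        $isV4 = $parsed.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork
        if ($isV4 -and $parsed.ToString() -ne $text) {
            throw "Ambiguous IPv4 notation: '$entry' would be applied as $parsed"
        }
        # HashSet.Add returns $false for a repeat, which drops the duplicate.
        if ($seen.Add($parsed.ToString())) { $merged.Add($parsed.ToString()) }
    }
    return ,$merged.ToArray()
}

function Test-DnsChangeNeeded {
    param([string[]]$Merged, [string[]]$Current = @())
    # Order matters for resolver priority, so compare the ordered lists.
    return ($Merged -join ',') -ne ($Current -join ',')
}

# Values from the example above.
$current = '192.168.1.1', '10.0.0.53'
$desired = '1.1.1.1', '2.2.2.2', '3.3.3.3', '4.4.4.4', '5.5.5.5', '6.6.6.6'
$final   = Merge-DnsServerList -Desired $desired -Current $current
"Final result:   $($final -join ', ')"
"Change needed:  $(Test-DnsChangeNeeded -Merged $final -Current $current)"

# A second run against the already-updated server is a no-op (the 'already configured' skip).
$rerun = Merge-DnsServerList -Desired $desired -Current $final
"Rerun changes:  $(Test-DnsChangeNeeded -Merged $rerun -Current $final)"

# A typo in the desired list stops the run before any server is touched.
try   { Merge-DnsServerList -Desired '8.8.8' -Current $current }
catch { "Rejected:       $($_.Exception.Message)" }
```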

Step-by-Step Implementation

Step 1: Download and Configure the Script

  1. Download the script using the button above
  2. Save as Update-DNSServers.ps1
  3. Edit the desired DNS servers in the script:

$DesiredDNSServers = @(
    "8.8.8.8",      # Google DNS Primary
    "8.8.4.4",      # Google DNS Secondary
    "1.1.1.1",      # Cloudflare DNS
    "1.0.0.1"       # Cloudflare Secondary
)

Replace these with your organization’s DNS servers in priority order.

Step 2: Create Server List

Create a text file named dnsServer.txt in the same directory:

Server01
Server02
DC01.domain.com
APPSERVER-PROD
192.168.1.100

Add one server hostname or IP per line.

Step 3: Run the Script

Open PowerShell as Administrator:

cd C:\Scripts
.\Update-DNSServers.ps1

Step 4: Review and Confirm

The script displays:

  • List of servers to update
  • New DNS servers to be added
  • Confirmation that existing DNS will be preserved

Type YES to proceed.

Step 5: Monitor Progress

Watch real-time progress indicators:

=== Processing: SERVER01 ===
  Testing ping... OK
  Testing WinRM... OK
  Retrieving DNS settings... OK
Current DNS on 'Ethernet': 192.168.1.1, 10.0.0.1
  Creating backup... OK
  Applying DNS changes... OK
  Verifying changes... OK
=== SUCCESS: SERVER01 ===

Expected Results

Success Output

========================================
DNS Update Script Completed
========================================
Total Servers: 10
Successful: 10
Failed: 0
Skipped: 0
Log file: DNS_Update_Log_20251022_143530.txt
Backup file: DNS_Backup_20251022_143530.csv
========================================

Generated Files

Log File (DNS_Update_Log_YYYYMMDD_HHMMSS.txt):

  • Detailed execution timeline
  • DNS changes per server
  • Success/failure status
  • Error messages

Backup File (DNS_Backup_YYYYMMDD_HHMMSS.csv):

  • Server name
  • Network interface
  • Original DNS settings
  • Timestamp

Safety Features

Automatic Backup

Creates CSV backup of all current DNS settings before making changes. Use this file for rollback if needed.

Connectivity Testing

Tests ping and WinRM connectivity before attempting changes. Automatically skips unreachable servers.

Verification

After updates, the script retrieves and displays new DNS settings to confirm changes were applied correctly.

Error Handling

If one server fails, others continue processing. Each failure is logged with detailed error information.

Smart Skipping

Automatically skips servers when:

  • Already configured correctly
  • Unreachable or offline
  • WinRM unavailable
  • Backup creation fails

Troubleshooting Guide

Issue: “Cannot connect to server”

Error: The client cannot connect to the destination specified in the request

Solution:

# On remote server, run as Administrator:
Enable-PSRemoting -Force
Enable-NetFirewallRule -DisplayName "Windows Remote Management (HTTP-In)"
Restart-Service WinRM

Issue: “Access Denied”

Solution:

  • Verify your account has admin rights on target servers
  • Use domain admin credentials
  • Check with: Invoke-Command -ComputerName SERVER -ScriptBlock { whoami }

Issue: Script Hangs After “YES”

Solution:

  • Press Ctrl+C to cancel
  • Test manual remote command: Invoke-Command -ComputerName SERVER -ScriptBlock { hostname }
  • Check firewall allows WinRM ports 5985/5986

Issue: DNS Changes Don’t Apply

Possible causes:

  • DHCP overriding settings
  • Group Policy enforcing DNS
  • Multiple network adapters

Solution:

  • Set DNS to static (not DHCP-assigned)
  • Review relevant Group Policies
  • Verify correct adapter is being updated

Rollback from Backup

If you need to restore original DNS settings:

$Backup = Import-Csv "DNS_Backup_20251022_143022.csv"

foreach ($Entry in $Backup) {
    $DNSArray = $Entry.DNSServers -split ';'
    Invoke-Command -ComputerName $Entry.ServerName -ScriptBlock {
        param($Index, $DNS)
        Set-DnsClientServerAddress -InterfaceIndex $Index -ServerAddresses $DNS
    } -ArgumentList $Entry.InterfaceIndex, $DNSArray
}

Best Practices

Before Deployment

  1. Test on one server first
  2. Schedule during maintenance windows
  3. Notify stakeholders
  4. Have rollback plan ready

During Deployment

  1. Monitor progress actively
  2. Keep backup files accessible
  3. Document changes in change management system

After Deployment

  1. Verify DNS resolution works
  2. Test dependent applications
  3. Retain logs for audit compliance
  4. Update documentation

Advanced Customization

Update Only Specific Network Interfaces

# Modify the script to target only Ethernet adapters:
$Adapters = Get-DnsClientServerAddress -AddressFamily IPv4 | 
            Where-Object { 
                $_.ServerAddresses.Count -gt 0 -and 
                $_.InterfaceAlias -like "*Ethernet*"
            }

Add Email Notifications

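# Add at end of script.
# Note: Microsoft marks Send-MailMessage as obsolete because it cannot guarantee
# a secure connection to the SMTP server.
$EmailParams = @{
    From = "sender@example.com"       # placeholder address
    To = "recipient@example.com"      # placeholder address
    Subject = "DNS Update Complete - $($Servers.Count) Servers"
    Body = "Success: $SuccessCount | Failed: $FailureCount | Skipped: $SkippedCount"
    SmtpServer = "smtp.company.com"
}
Send-MailMessage @EmailParams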

Schedule Automated Updates

$Action = New-ScheduledTaskAction -Execute "PowerShell.exe" `
    -Argument "-File C:\Scripts\Update-DNSServers.ps1"
$Trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Sunday -At 2AM
Register-ScheduledTask -TaskName "DNS Update Task" `
    -Action $Action -Trigger $Trigger -User "DOMAIN\ServiceAccount"

Conclusion

This PowerShell script provides a reliable, safe, and efficient method to update DNS settings across multiple Windows servers. With automatic backups, detailed logging, and preservation of existing DNS entries, it’s suitable for production environments of any size.

The script eliminates manual configuration errors, saves significant time, and provides complete audit trails for compliance requirements.
