使用 PowerShell 并以具有域管理员凭据的管理员身份运行它,我尝试以编程方式删除包含任何大写字符的 AD SRV 记录,而不是手动单独清理这些记录。当将 Windows Server 2016 引入到拥有 Windows 2012(及更低版本)DC 的 AD 域中时,问题首先出现。我一直在绞尽脑汁地尝试修改下面的代码,并解决了错误的正则表达式和错误的变量,现在我已经快要到达终点线了,但此时的代码报告它无法删除符合大写字符条件的记录。下面是最新的代码,后面是最新结果的片段,最后是代码正在处理的原始数据的片段。在您提问之前,Windows Server 2016 上早已安装了解决此问题的修补程序,并且组策略设置也已到位以防止出现此问题,但是大写的 SRV 记录仍然会不时地重新插入,此时我正在求助于 PowerShell 进行清理。无论如何,这是一个实验室,创建 PowerShell 的任务现在已经成为练习的重点;我对此很满意。对下面我哪里出错有什么想法吗?感谢您的阅读。
最新代码:
Clear-Host
# DNS zones to examine
$zoneNames = @("_msdcs.alpha.local", "alpha.local")
# DNS server to query
$dnsServer = 'dc2.alpha.local'
# Get all SRV records from the specified zones
$allSrvRecords = foreach ($zoneName in $zoneNames) {
Get-DnsServerResourceRecord -ZoneName $zoneName -RRType SRV -ComputerName $dnsServer
}
# Array to store deleted records
$deletedRecords = @()
# Iterate through all SRV records
foreach ($record in $allSrvRecords) {
if ($record.RecordData.DomainName -cmatch '[A-Z]') {
try { # Attempt to delete the record
Write-Host "Attempting to delete record: $($record.HostName) in zone $($ZoneName)"
Remove-DnsServerResourceRecord -Name $record.HostName -RRType $record.RecordType -RecordData $Record.RecordData.DomainName -ZoneName $ZoneName -ComputerName $dnsServer -Force
$deletedRecords += $record
Write-Host "Deleted record: $($record.HostName) in zone $ZoneName"
} catch {
Write-Host "Error deleting record: $($record.HostName)"
Write-Host "Error details: $_"
}
}
}
# Output results
Write-Host "Deleted records:"
$deletedRecords | ForEach-Object { $_.HostName }
最新结果片段:
Attempting to delete record: _kerberos._tcp.Site1._sites.dc in zone alpha.local
Error deleting record: _kerberos._tcp.Site1._sites.dc
Error details: InputObject for resource record has an invalid value. Failed to remove the resource record on dc2.alpha.local server. Please check extended error for additi
onal details.
Attempting to delete record: _ldap._tcp.Site1._sites.dc in zone alpha.local
Error deleting record: _ldap._tcp.Site1._sites.dc
Error details: InputObject for resource record has an invalid value. Failed to remove the resource record on dc2.alpha.local server. Please check extended error for additi
onal details.
Attempting to delete record: _kerberos._tcp.Site3._sites.dc in zone alpha.local
Error deleting record: _kerberos._tcp.Site3._sites.dc
Error details: InputObject for resource record has an invalid value. Failed to remove the resource record on dc2.alpha.local server. Please check extended error for additi
onal details.
Attempting to delete record: _ldap._tcp.Site3._sites.dc in zone alpha.local
Error deleting record: _ldap._tcp.Site3._sites.dc
Error details: InputObject for resource record has an invalid value. Failed to remove the resource record on dc2.alpha.local server. Please check extended error for additi
onal details.
Attempting to delete record: _kerberos._tcp.dc in zone alpha.local
Error deleting record: _kerberos._tcp.dc
Error details: InputObject for resource record has an invalid value. Failed to remove the resource record on dc2.alpha.local server. Please check extended error for additi
onal details.
原始数据(代码所针对的数据)片段:
HostName RecordType Type Timestamp TimeToLive RecordData
-------- ---------- ---- --------- ---------- ----------
_gc._tcp.Site1._sites SRV 33 3/16/2024 4:00:00 AM 00:10:00 [0][100][3268][DC1.ALPHA.local.]
_gc._tcp.Site1._sites SRV 33 3/14/2024 9:00:00 AM 00:10:00 [0][100][3268][dc1.alpha.local.]
_kerberos._tcp.Site1._... SRV 33 3/16/2024 4:00:00 AM 00:10:00 [0][100][88][DC1.ALPHA.local.]
_kerberos._tcp.Site1._... SRV 33 3/14/2024 9:00:00 AM 00:10:00 [0][100][88][dc1.alpha.local.]
_ldap._tcp.Site1._sites SRV 33 3/16/2024 4:00:00 AM 00:10:00 [0][100][389][DC1.ALPHA.local.]
_ldap._tcp.Site1._sites SRV 33 3/14/2024 9:00:00 AM 00:10:00 [0][100][389][dc1.alpha.local.]
_gc._tcp.Site2._sites SRV 33 3/14/2024 8:00:00 AM 00:10:00 [0][100][3268][dc2.alpha.local.]
_kerberos._tcp.Site2._... SRV 33 3/14/2024 8:00:00 AM 00:10:00 [0][100][88][dc2.alpha.local.]
默认情况下,工作在域控制器上的 NetLogon 服务会定期在 DNS Server 服务上注册相关的域控制器 DNS 资源记录。即使您删除了 DNS 记录,此服务也会重新注册 DNS 记录,这对于 Active Directory 域的正常工作至关重要。