How to use another DNS Server when the PC is not in domain?

domain-name-system internal-dns

I have two DNS servers (on DCs) in my domain that my clients use when they are connected direct in office or with VPN. I want to set up another external DNS server, and tell the PCs to use this server when they are not in domain. Is this possible via a script or GPO?

Thank you for the answer Emil, Esa is right, my Laptops are all already joined in a domain, i need a script to detect when the laptop is connected with the domain and when not. I have adapted your script to :

if ((Test-ComputerSecureChannel) -eq $true) {

write-host -fore green "I am domain joined!"

} else {

write-host -fore red "Ooops, workgroup!" }

but it doesen't always detect the domain, don't know why

Another idea that I have (don't know if it works, I didn't test it), is to configure all my clients with manual DNS Servers and: by Primary - the DNS from my DC1; by secondary - the Extern DNS server. The problem here is, that I have to find a way that windows will switch from Prymary to secondary DNS immediately... I think the cache mode has to be deactivated on the client side. What do you guys think? Should I try to find a script to detect when the pc is in domain or not, or try to use this solution?


Yes! This post describes the one-liners you would probably use for setting dns. Like this one: Primary value:

netsh interface ipv4 set dns "Local Area Connection" static 192.168.0.2

For actually doing this specifically to clients outside of domain, i would suggest trying to combine netsh command with an if that checks for domain... which also is shown here:

if ((gwmi win32_computersystem).partofdomain -eq $true) {
   write-host -fore green "I am domain joined!"
} else {
   write-host -fore red "Ooops, workgroup!"
}

Also you could run the script at startup so that the clients will check at boot.

Anyways, in my head your script could look something like this:

if ((gwmi win32_computersystem).partofdomain -eq $true) {
   write-host -fore green "I am already joined"
} else {
   write-host -fore red "Not joined, using secondary dns"
   netsh interface ipv4 set dns "Local Area Connection" static <Ip-address>
}

(Most of our answers is from these forums, wonders :p)

Best of luck, Emil


If they're configured as DHCP clients (which is the recommended configuration) then they'll be assigned whatever DNS servers the DHCP server assigns.

Related

Does this SMART result indicate brand new drive? [closed]
Barracuda Bouncing Emails
Tkinter example code for multiple windows, why won't buttons load correctly?
Efficiently detect sign-changes in python
Rotating an image with orientation specified in EXIF using Python without PIL including the thumbnail
Why are compilers so stupid?
how to filter duplicate requests based on url in scrapy
Hooking up express.js with Angular CLI in dev environment
Returning const reference to local variable from a function
What are the default Schedulers for each observable operator?
Handlers and memory leaks in Android
How do I do Debian packaging of a Python package?