DnsClientNrptRule - dsccommunity/NetworkingDsc GitHub Wiki
Parameters
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Name | Key | String | Specifies the DNS Client NRPT rule name. | |
| Comment | Write | String | Stores administrator notes. | |
| DAEnable | Write | Boolean | Indicates the rule state for DirectAccess. | |
| DAIPsecEncryptionType | Write | String | Specifies the Internet Protocol security (IPsec) encryption setting for DirectAccess. | None, Low, Medium, High |
| DAIPsecRequired | Write | Boolean | Indicates that IPsec is required for DirectAccess. | |
| DANameServers | Write | StringArray[] | Specifies an array of DNS servers to query when DirectAccess is enabled. | |
| DAProxyServerName | Write | String | Specifies the proxy server to use when connecting to the Internet. This parameter is only applicable if the DAProxyType parameter is set to UseProxyName. | |
| DAProxyType | Write | String | Specifies the proxy server type to be used when connecting to the Internet. | NoProxy, UseDefault, UseProxyName |
| DisplayName | Write | String | Specifies an optional friendly name for the NRPT rule. | |
| DnsSecEnable | Write | Boolean | Enables Domain Name System Security Extensions (DNSSEC) on the rule. | |
| DnsSecIPsecEncryptionType | Write | String | Specifies the IPsec tunnel encryption setting. | None, Low, Medium, High |
| DnsSecIPsecRequired | Write | Boolean | Indicates the DNS client must set up an IPsec connection to the DNS server. | |
| DnsSecValidationRequired | Write | Boolean | Indicates that DNSSEC validation is required. | |
| Ensure | Write | String | Specifies whether the DNS Client NRPT rule should exist. Defaults to 'Present'. | Present, Absent |
| IPsecTrustAuthority | Write | String | Specifies the certification authority to validate the IPsec channel. | |
| NameEncoding | Write | String | Specifies the encoding format for host names in the DNS query. | Disable, Utf8WithMapping, Utf8WithoutMapping, Punycode |
| NameServers | Write | StringArray[] | Specifies the DNS servers to which the DNS query is sent when DirectAccess is disabled. | |
| Namespace | Write | String | Specifies the DNS namespace. |
Description
This resource is used to control DNS Client NRPT rules for a node.
Examples
Example 1
Sets a DNS Client NRPT rule named 'Contoso DNS Policy' to configure a conditional DNS forwarder (192.168.1.1) for a specific namespace (contoso.com).
Configuration DnsClientNrptRule_Server_Config
{
Import-DscResource -Module NetworkingDsc
Node localhost
{
DnsClientNrptRule Server
{
Name = 'Contoso DNS Policy'
Namespace = '.contoso.com'
NameServers = ('192.168.1.1')
}
}
}
Example 2
Sets a DNS Client NRPT rule named 'DNSSEC' to enable DNSSEC queries for a specific namespace (contoso.com).
Configuration DnsClientNrptRule_DNSSEC_Config
{
Import-DscResource -Module NetworkingDsc
Node localhost
{
DnsClientNrptRule DNSSEC
{
Name = 'DNSSEC'
Namespace = 'contoso.com'
DnsSecEnable = $true
}
}
}
Example 3
Sets a DNS Client NRPT rule named 'Punycode' to send Punycode DNS queries using a conditional DNS forwarder for a specific namespace(contoso.com).
Configuration DnsClientNrptRule_Punycode_Config
{
Import-DscResource -Module NetworkingDsc
Node localhost
{
DnsClientNrptRule Punycode
{
Name = 'Punycode'
Namespace = 'contoso.com'
NameEncoding = 'Punycode'
NameServers = ('192.168.1.1')
}
}
}