InfiniteInsight · September 13, 2022 14:21
diff --git a/Set-UmbrellaDNSForwarders.ps1 b/Set-UmbrellaDNSForwarders.ps1
 #Set the public IPs for Cisco Umbrella / OpenDNS
 $openDNS = "208.67.220.220", "208.67.220.222", "208.67.222.220", "208.67.222.222"

 #Get a list of your Domain Controller.
 $dcs = Get-ADcomputer -SearchBase "OU=Domain Controllers,DC=your,DC=domain,DC=com"
 #you can also simply use Get-ADDomainController -filter *

 #Iterate through each DC
 foreach($DC in $dcs){
    #Log the current DNSForwarder settings
    $currentForwarder = Get-DnsServerForwarder -ComputerName $dc.name
    $dc.name | out-file C:\path\to\log\previousForwarders.txt -Append
    $currentForwarder | out-file C:\path\to\log\previousForwarders.txt -Append

    #Set the desired DNS Forwarder IP addresses and ensure UseRootHint is set to false per Cisco documentation 
    # https://support.umbrella.com/hc/en-us/articles/4404435963412-Umbrella-as-a-DNS-forwarder-in-Windows-Server
    Set-DnsServerForwarder -ComputerName $DC.name -IPAddress $openDNS -UseRootHint $false -Verbose

 }
	#Set the public IPs for Cisco Umbrella / OpenDNS
	$openDNS = "208.67.220.220", "208.67.220.222", "208.67.222.220", "208.67.222.222"

	#Get a list of your Domain Controller.
	$dcs = Get-ADcomputer -SearchBase "OU=Domain Controllers,DC=your,DC=domain,DC=com"
	#you can also simply use Get-ADDomainController -filter *

	#Iterate through each DC
	foreach($DC in $dcs){
	#Log the current DNSForwarder settings
	$currentForwarder = Get-DnsServerForwarder -ComputerName $dc.name
	$dc.name \| out-file C:\path\to\log\previousForwarders.txt -Append
	$currentForwarder \| out-file C:\path\to\log\previousForwarders.txt -Append

	#Set the desired DNS Forwarder IP addresses and ensure UseRootHint is set to false per Cisco documentation
	# https://support.umbrella.com/hc/en-us/articles/4404435963412-Umbrella-as-a-DNS-forwarder-in-Windows-Server
	Set-DnsServerForwarder -ComputerName $DC.name -IPAddress $openDNS -UseRootHint $false -Verbose

	}