March 2018 – A Geeks World

When you set the System Center DPM setting for Azure throttling via GUI, you have to do the full wizard and also enter the azure passphrase to save the settings.

If you happen to not have the key handy or for some other reason want to do it via Powershell, here is the command.

$Cloud = get-DPMCloudSubscriptionSetting
$Cloud.ThrottlingSetting
Set-DPMCloudSubscriptionSetting -WorkDay Monday, Tuesday, Wednesday, Thursday, Friday -StartWorkHour "07:00:00" -EndWorkHour "19:00:00" -WorkHourBandwidth (256*1024) -NonWorkHourBandwidth (1024*1024*500) -SubscriptionSetting $Cloud 
Set-DPMCloudSubscriptionSetting -SubscriptionSetting $Cloud -Commit -Verbose
(get-DPMCloudSubscriptionSetting).ThrottlingSetting

$Cloud = get-DPMCloudSubscriptionSetting

$Cloud.ThrottlingSetting

Set-DPMCloudSubscriptionSetting -WorkDay Monday, Tuesday, Wednesday, Thursday, Friday -StartWorkHour "07:00:00" -EndWorkHour "19:00:00" -WorkHourBandwidth (256*1024) -NonWorkHourBandwidth (1024*1024*500) -SubscriptionSetting $Cloud

Set-DPMCloudSubscriptionSetting -SubscriptionSetting $Cloud -Commit -Verbose

(get-DPMCloudSubscriptionSetting).ThrottlingSetting

Easy as that, but I couldn’t find any examples on Microsoft Docs, just how to disable throttling. The script sets the settings as in the screenshot above, you might want to adjust the bandwidth etc, it’s defined in bits.

I had a customer with more than 60 DHCP Scopes but all DNS Reverse Lookup Zones were unfortunately not created, configured and/or consisted of a lot of old invalid static records. And in addition both the Primary and Reverse Zones were containing a lot of old Name Servers.

Here is the scripts I ran to fix the issues. Just remove the -whatif to actually make it do stuff.

In this case, our Name Servers had the name standard ADM-V-ADDS…. so the script will remove all other name servers. Obviously, modify to fit your environment!

# Create Reverse Lookup Zones for all DHCP Scopes 
foreach ($scopeid in Get-DhcpServerv4Scope | where subnetmask -eq "255.255.255.0" | select -ExpandProperty scopeid)
{
    Try {
        Add-DnsServerPrimaryZone -NetworkId "$scopeid/24" -ReplicationScope Domain -ErrorAction Stop
        Write-Output "Reverse zone $scopeid created"
        }
    Catch [Microsoft.Management.Infrastructure.CimException]
        {
        Write-Warning "Reverse zone for $scopeid already exists"
        }
}


# Make all Reverse Lookup Zones configured the same way and remove all Static Records (devices will simply re-register themselves). 
Get-DnsServerZone | where ZoneName -like "*.arpa" | where ZoneName -notlike "127.in-*" | where ZoneName -notlike "0.in-addr.arpa" | where ZoneName -notlike "255.in-addr.arpa" | %  {

    $Name = $_.zonename ; 

    Set-DnsServerZoneAging -Name $_.ZoneName -Aging $true -NoRefreshInterval "7.00:00:00" -RefreshInterval "7.00:00:00" -WhatIf
    Set-DnsServerPrimaryZone -Name $_.ZoneName -ReplicationScope Domain -WhatIf
    Set-DnsServerPrimaryZone -Name $_.ZoneName -DynamicUpdate Secure -WhatIf

    Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "NS" | ? {$_.RecordData.NameServer -notlike "*adm-v-adds*"} | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf 
    Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "WINS" | ? {$_.RecordData.NameServer -notlike "*adm-v-adds*"} | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf
    Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "WinsR" | ? {$_.RecordData.NameServer -notlike "*adm-v-adds*"} | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf
    Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "Ptr" | ? { $_.Timestamp -eq $null } | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf

}


# Set some settings on the normal Zones too plus fix Name Servers. 
Get-DnsServerZone | where ZoneName -notlike "*.arpa" | where ZoneName -notlike "TrustAnchors" | %  {

    $Name = $_.zonename ; 

    Set-DnsServerZoneAging -Name $_.ZoneName -Aging $true -NoRefreshInterval "7.00:00:00" -RefreshInterval "7.00:00:00" -WhatIf
    Set-DnsServerPrimaryZone -Name $_.ZoneName -ReplicationScope Domain  -WhatIf
    Set-DnsServerPrimaryZone -Name $_.ZoneName -DynamicUpdate Secure  -WhatIf
    Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "NS" | ? {$_.RecordData.NameServer -notlike "*adm-v-adds*"} | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf
}

# Create Reverse Lookup Zones for all DHCP Scopes

foreach ($scopeid in Get-DhcpServerv4Scope | where subnetmask -eq "255.255.255.0" | select -ExpandProperty scopeid)

{

Try {

Add-DnsServerPrimaryZone -NetworkId "$scopeid/24" -ReplicationScope Domain -ErrorAction Stop

Write-Output "Reverse zone $scopeid created"

}

Catch [Microsoft.Management.Infrastructure.CimException]

{

Write-Warning "Reverse zone for $scopeid already exists"

}

# Make all Reverse Lookup Zones configured the same way and remove all Static Records (devices will simply re-register themselves).

Get-DnsServerZone | where ZoneName -like "*.arpa" | where ZoneName -notlike "127.in-*" | where ZoneName -notlike "0.in-addr.arpa" | where ZoneName -notlike "255.in-addr.arpa" | % {

$Name = $_.zonename ;

Set-DnsServerZoneAging -Name $_.ZoneName -Aging $true -NoRefreshInterval "7.00:00:00" -RefreshInterval "7.00:00:00" -WhatIf

Set-DnsServerPrimaryZone -Name $_.ZoneName -ReplicationScope Domain -WhatIf

Set-DnsServerPrimaryZone -Name $_.ZoneName -DynamicUpdate Secure -WhatIf

Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "NS" | ? {$_.RecordData.NameServer -notlike "*adm-v-adds*"} | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf

Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "WINS" | ? {$_.RecordData.NameServer -notlike "*adm-v-adds*"} | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf

Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "WinsR" | ? {$_.RecordData.NameServer -notlike "*adm-v-adds*"} | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf

Get-DnsServerResourceRecord -ZoneName $_.zonename -RRType "Ptr" | ? { $_.Timestamp -eq $null } | Remove-DnsServerResourceRecord -ZoneName $name -Force -PassThru -Confirm:$false -WhatIf

}

# Set some settings on the normal Zones too plus fix Name Servers.

Get-DnsServerZone | where ZoneName -notlike "*.arpa" | where ZoneName -notlike "TrustAnchors" | % {

$Name = $_.zonename ;

Set-DnsServerZoneAging -Name $_.ZoneName -Aging $true -NoRefreshInterval "7.00:00:00" -RefreshInterval "7.00:00:00" -WhatIf

Set-DnsServerPrimaryZone -Name $_.ZoneName -ReplicationScope Domain -WhatIf

Set-DnsServerPrimaryZone -Name $_.ZoneName -DynamicUpdate Secure -WhatIf

}

Month: March 2018

How to set DPM Azure Throttling with Powershell

Use DHCP Scope info to build DNS Reverse Lookup Zones and configure DNS with Powershell