Set-DnsClientNrptRule

Modifies a DNS client Name Resolution Policy Table (NRPT) rule for the specified namespace.

Syntax

Set-DnsClientNrptRule
   [-DAEnable <Boolean>]
   [-DAIPsecEncryptionType <String>]
   [-DAIPsecRequired <Boolean>]
   [-DANameServers <String[]>]
   [-DAProxyServerName <String>]
   [-DAProxyType <String>]
   [-Comment <String>]
   [-DnsSecEnable <Boolean>]
   [-DnsSecIPsecEncryptionType <String>]
   [-DnsSecIPsecRequired <Boolean>]
   [-DnsSecValidationRequired <Boolean>]
   [-GpoName <String>]
   [-IPsecTrustAuthority <String>]
   [-Name] <String>
   [-NameEncoding <String>]
   [-NameServers <String[]>]
   [-Namespace <String[]>]
   [-Server <String>]
   [-DisplayName <String>]
   [-PassThru]
   [-CimSession <CimSession[]>]
   [-ThrottleLimit <Int32>]
   [-AsJob]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The Set-DnsClientNrptRule cmdlet modifies the specified DNS client Name Resolution Policy Table (NRPT) rule.

Examples

Example 1: Modify an NRPT rule

PS C:\> Set-DnsClientNrptRule  -DAEnable $True -DAIPsecEncryptionType "High" -DAIPsecRequired $True -DANameServers "10.0.0.1" -DAProxyServerName "DaServer.com:6666" -DAProxyType "UseProxyName" -DisplayName "Sample" -PassThru -IPsecTrustAuthority "RootCA" -Name "{1326d9d0-4fb5-4fed-9f67-f53637b85010}" -NameEncoding "Punycode" -NameServers "10.0.0.1" -Namespace "dnsnrpt.com" -Server "host1.com" -Comment "Sample NRPT Rule" -DnsSecEnable $True -DnsSecIPsecEncryptionType "Medium" -DnsSecIPsecRequired $True -DnsSecValidationRequired $True -GpoName "TestGPO"

This example modifies an NRPT rule for a GPO named TestGPO on the server named host1.com for namespace dnsnrpt.com.

Parameters

-AsJob

Runs the cmdlet as a background job. Use this parameter to run commands that take a long time to complete.

The cmdlet immediately returns an object that represents the job and then displays the command prompt. You can continue to work in the session while the job completes. To manage the job, use the *-Job cmdlets. To get the job results, use the Receive-Job cmdlet.

For more information about Windows PowerShell background jobs, see about_Jobs.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CimSession

Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.

Type:CimSession[]
Aliases:Session
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Comment

Stores administrator comments.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DAEnable

Indicates the rule state for DirectAccess (DA).

Type:Boolean
Aliases:DirectAccessEnabled
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DAIPsecEncryptionType

Specifies the IPsec encryption type for DA. The acceptable values for this parameter are:

  • None
  • Low
  • Medium
  • High
Type:String
Aliases:DirectAccessQueryIPSSECEncryption
Accepted values:, None, Low, Medium, High
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DAIPsecRequired

Indicates whether IPsec is required.

Type:Boolean
Aliases:DirectAccessQueryIPsecRequired
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DANameServers

Specifies the DNS servers which will be queried when DA is enabled.

Type:String[]
Aliases:DirectAccessDNSServers
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DAProxyServerName

Specifies the proxy server to be used when connecting to the Internet.

This parameter is only applicable when the DAProxyType parameter is set to UseProxyName.

Type:String
Aliases:DirectAccessProxyName
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DAProxyType

Specifies the proxy server type to be used when connecting to the Internet. The acceptable values for this parameter are:

  • NoProxy
  • UseDefault
  • UseProxyName
Type:String
Aliases:DirectAccessProxyType
Accepted values:, NoProxy, UseDefault, UseProxyName
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DisplayName

Specifies an optional friendly name for the NRPT rule.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DnsSecEnable

Indicates whether DNSSEC is enabled on the rule.

Type:Boolean
Aliases:DnsSecEnabled
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DnsSecIPsecEncryptionType

Specifies the IPsec tunnel encryption settings. The acceptable values for this parameter are:

  • None
  • Low
  • Medium
  • High
Type:String
Aliases:DnsSecQueryIPsecEncryption
Accepted values:, None, Low, Medium, High
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DnsSecIPsecRequired

Indicates that the DNS client must set up an IPsec connection to the DNS server.

Type:Boolean
Aliases:DnsSecQueryIPsecRequired
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-DnsSecValidationRequired

Indicates that DNSSEC validation is required.

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-GpoName

Specifies the name of the Group Policy Object (GPO).

  • If this parameter and the Server parameter are specified, then the NRPT rule is added in the GPO of domain. The Server parameter specifies the domain controller (DC).
  • If neither this parameter nor the Server parameter is specified, then the NRPT rule is added for local client computer.
  • If this parameter is specified and the Server parameter is not specified, then the DC of the domain specified by this parameter value is found and NRPT rule is added to the GPO.
  • If this parameter is not specified and the Server parameter is specified, then an error is displayed.
Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-IPsecTrustAuthority

Specifies the Certification Authority (CA) to validate the IPsec channel for DA.

Type:String
Aliases:IPsecCARestriction
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Name

Specifies the name which uniquely identifies a rule.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-NameEncoding

Specifies the encoding format for host names in the DNS query. The acceptable values for this parameter are:

  • Disable
  • Utf8WithMapping
  • Utf8WithoutMapping
  • Punycode
Type:String
Accepted values:Disable, Utf8WithMapping, Utf8WithoutMapping, Punycode
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-NameServers

Specifies the DNS servers to which the DNS query is sent when DA is disabled.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Namespace

Specifies the DNS namespace. The acceptable values for this parameter are:

  • Suffix
  • Prefix
  • FQDN
  • Subnet
  • Any

If this parameter is set to Any, then the parameter value must be specified in dot-notation.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PassThru

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Server

Specifies the server hosting the GPO. This parameter is only applicable with the GpoName parameter.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ThrottleLimit

Specifies the maximum number of concurrent operations that can be established to run the cmdlet. If this parameter is omitted or a value of 0 is entered, then Windows PowerShell® calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer. The throttle limit applies only to the current cmdlet, not to the session or to the computer.

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

CimInstance

The Microsoft.Management.Infrastructure.CimInstance object is a wrapper class that displays Windows Management Instrumentation (WMI) objects. The path after the pound sign (#) provides the namespace and class name for the underlying WMI object.

Outputs

CimInstance

The Microsoft.Management.Infrastructure.CimInstance object is a wrapper class that displays Windows Management Instrumentation (WMI) objects. The path after the pound sign (#) provides the namespace and class name for the underlying WMI object.

The DnsClientNrptRule object contains all of the properties of the DNS client NRPT rule.