Hello,
I've been asked if I ever found a solution for this, and since I did,
i'm posting it here for everyone to read. this is surely suboptimal, for
it rely on another script rather that a module...
bundle agent check_dns_configuration {
classes:
vars:
"resolvers" slist => { "8.8.8.8" };
"searchlist" slist => { "normation.com" };
windows::
"searchkey" string => join("\,", searchlist);
"resolvkey" string => join("\,", resolvers);
"adapters" string =>
execresult("c:\registrydns.bat\"", "noshell"),
comment => "Fetching all the adapter";
"adapterslist" slist =>
splitstring("$(adapters)", ";", "15");
methods:
windows.dns_resolver_edit::
"any" usebundle => checkDNS($(adapterslist),
$(resolvkey));
databases:
windows.dns_resolver_edit::
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
database_operation => "verify",
database_type => "ms_registry",
database_rows => {
"NameServer,REG_SZ,$(resolvkey)"},
comment => "Set the top level resolver",
classes =>
class_trigger("dns_repaired_resolver", "cant_repair_dns_resolver",
"dns_resolver_kept");
windows.dns_searchlist_edit::
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
database_operation => "verify",
database_type => "ms_registry",
database_rows => {
"SearchList,REG_SZ,$(searchkey)"},
comment => "Set the search list",
classes =>
if_else("dns_repaired_searchlist", "cant_repair_dns_searchlist",
"dns_searchlist_kept");
}
bundle agent checkDNS(adapter, regKey) {
classes:
"valid" expression => regcmp("{.*","$(adapter)"),
comment => "A valid adapter starts with {";
databases:
valid::
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$(adapter)"
database_operation => "verify",
database_type => "ms_registry",
database_rows => {
"NameServer,REG_SZ,$(regKey)"},
classes =>
class_trigger("dns_repaired_resolver", "cant_repair_dns_resolver",
"dns_resolver_kept");
}
and regystrydns.bat is :
@echo off
REM Loop through all the adapters registered in the registry
REM and return a list of them, separated by ;
setlocal enabledelayedexpansion
set adapters=
FOR /F "tokens=8* delims=\" %%a IN ('REG QUERY
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters"')
do (
if not defined adapters (
set adapters=%%a
) else (
set adapters=!adapters!;%%a
)
)
echo %adapters%
endlocal
Best regards !
Nicolas
On 21/03/2010 15:07, Nicolas Charles wrote:
> Hi,
>
> I'm trying to enforce the DNS configuration on my windows machine
> using cfengine and the ms_registry feature.
>
> What I need to do is go through every adapters, and set the value of
> the NameServer.
> The list of adapter are the subkeys of
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> And the value to set are in the corresponding subkeys of
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces
>
> Is there a way to read the subkeys of the first, to update the later ?
> Or, at worst, have a regexp so that I could do something like this :
>
> bundle agent set_dns
> {
> databases:
>
> "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\.*"
> database_operation => "verify",
> database_type => "ms_registry",
> database_rows => { "NameServer,REG_SZ,8.8.8.8"};
> }
>
> Regards,
> Nicolas
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
