SCOM 2012 – Check DNS Servers And DNS Records / IP MP

In today’s world of IT, everything still depends heavily on DNS. However sophisticated an application or technology is, if DNS does not work, none of the other parts will work either. SCOM offers a good DNS MP which monitors essential parts of your DNS infrastructure. Something that is missing, and that I think makes sense, is to check DNS records and their corresponding IPs on a selection of DNS servers.

So let’s say you have one, two or more (external) DNS servers which all contain the same DNS A records and IPs. Your goal is to check that these records exist and also have the expected IP address on each of these selected DNS servers. If any of these parameters doesn’t match, something is wrong and you would like to receive an alert.

I created a PowerShell monitor that executes a script which calls nslookup to do the DNS resolution. Why nslookup? Well, every server has nslookup and PowerShell on board, so they make a good pair.

For a better understanding of the situation I’ll show you an example.

If I query for stefanroth.net using http://dnswatch.info I get the following result…

image

As you can see, there are 3 DNS servers which are hosting a stefanroth.net record 6 times with different IP addresses. I want to check on each of these DNS servers whether it contains each of these records with the specific IP address. Everything OK? Good :). Of course there are less difficult examples, like systemcenteruniverse.ch…

image

The core part of the script calls nslookup and captures the result so it can be parsed for the expected IP address…

image

How can you configure the monitor? Well, just modify the monitor in VSAE or create an override. The format is like this…

  • DNS servers, separated by commas:
    ns1.wordpress.com,ns2.wordpress.com,ns3.wordpress.com
  • DNS records in the form record name:IP,record name2:IP:
    stefanroth.net:66.155.11.238,stefanroth.net:76.74.254.123,stefanroth.net:192.0.80.250,
    stefanroth.net:192.0.81.250,stefanroth.net:66.155.9.238,stefanroth.net:76.74.254.120

In the different GUIs it looks like this…

VSAE

image

Override

image

The monitor is targeted at the Management Server class, but you can change it to any class that suits your needs. Also adjust the interval for the monitor; the default value is 300 seconds. When the script starts, it takes a DNS server entry and iterates through each record, comparing the configured IP address against the IP address(es) received from nslookup. If they do not match, an alert is created and it will look like this…

image

…and in the Health Explorer like this…

image
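The check described above (split the two configuration strings, query each server with nslookup, compare the returned addresses with the expected one) can be sketched as follows. This is an added example, not the script from the downloadable solution: the function names `Get-NslookupAddress` and `Test-DnsRecord` are hypothetical, the sample output under `example.test` is constructed, and the replaceable resolver goes slightly beyond the description so the parsing can be tried without network access.

```powershell
# Added example with hypothetical function names; not the code of the downloadable MP.

# Extract the answer IPv4 addresses from nslookup output. Addresses printed
# before the "Name:" line belong to the DNS server that was queried.
function Get-NslookupAddress {
    param([string[]]$Output)
    $inAnswer = $false
    foreach ($line in $Output) {
        if ($line -match '^\s*Name:') { $inAnswer = $true; continue }
        if ($inAnswer -and $line -match '\b(\d{1,3}(\.\d{1,3}){3})\b') { $Matches[1] }
    }
}

# Check every "name:IP" pair against every server; emits one result object per check.
function Test-DnsRecord {
    param(
        [string]$Servers,   # ns1,ns2,...
        [string]$Records,   # name:IP,name2:IP,...
        # Replaceable so the parser can be exercised without network access.
        [scriptblock]$Resolver = { param($n, $s) & nslookup.exe '-type=A' $n $s 2>$null }
    )
    # Split on commas, trim, and drop empty entries (e.g. from a trailing comma).
    $split = { param($text) $text -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ } }
    foreach ($server in (& $split $Servers)) {
        foreach ($pair in (& $split $Records)) {
            $name, $expected = $pair -split ':', 2
            $found = @(Get-NslookupAddress -Output (& $Resolver $name $server))
            [pscustomobject]@{
                Server = $server; Record = $name; Expected = $expected
                Found  = $found -join ','
                Match  = $found -contains $expected   # false also when nothing resolved
            }
        }
    }
}

# Constructed sample output, shaped like a Windows nslookup answer for an A record.
$sample = @'
Server:  ns1.example.test
Address:  192.0.2.53

Name:    example.test
Addresses:  192.0.2.10
          192.0.2.11
'@ -split "`r?`n"

# Lists only the failing checks: here the pair expecting 192.0.2.99.
Test-DnsRecord -Servers 'ns1.example.test' `
    -Records 'example.test:192.0.2.10,example.test:192.0.2.99,' `
    -Resolver { $sample } | Where-Object { -not $_.Match }
```

Without `-Resolver`, the function runs `nslookup.exe` against each listed server; a timeout or missing record produces no `Name:` section, so the check reports a mismatch.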

You can download the VSAE solution from TechNet Gallery.

I hope it is useful to you and have fun…
