So last night, I got onto a bridge call at 2200, expecting to be off the call five minutes later. Not! I was supposed to put in a DNS change for a public facing site to accommodate a server migration. First they had cabling problems, then IIS was not happy, then the load balancer wasn’t right…long story short…I called “time of death” a few minutes past midnight.
Rather than relive that fun, I came up with a way to do some DNS self serve, without giving up too many rights to DNS, or having to train someone on the system. This is a hack of low order, but it does what I need. It assumes though that Outlook is running, and that you are logged on as a user with DNS privileges to the system, which is a Windows based DNS. This uses Outlook rules to call very basic cmd files.
Lets assume we have a server called canary.example.com. Its current ip.addr is 10.1.2.3, and we want to change it to 10.9.8.7. Our DNS server is ns.example.com.
Step One-create the script to change the record.
The cmd-line tool dnscmd can be used to change records, but you have to delete the old record and then add the new one. Create a script with two lines, one to delete, one to add.
dnscmd ns.example.com /recorddelete example.com canary A 10.1.2.3 /f
dnscmd ns.example.com /recordadd example.com canary A 10.9.8.7
Basically, the syntax is dnscmd [nameserver] [action] [zone] [record] [type] [data]. /f says to do it without asking; necessary for scripted deletes but not for adds.
Save this is change.cmd in some directory on your PC.
Step Two-create the script to revert.
dnscmd ns.example.com /recorddelete example.com canary A 10.9.8.7 /f
dnscmd ns.example.com /recordadd example.com canary A 10.1.2.3
Save this as revert.cmd in the same directory as above.
Step Three- Go into Outlook and create a rule to execute the change.
- Click Tools, Rules and Alerts
- Click New Rule
- Start from a blank rule, Check messages when they arrive
- Check “with specific words in the subject. Specify some string that tells you what this is, but won’t correspond to ANYTHING you might get at random. For this example I will use “CanaryChangeDoItNow321!” Note…no spaces. Click Next.
- Check “start an application” and browse to and select the change.cmd file. Click next, then Finish, then OK. Remember, this is client-only, so Outlook has to be running.
Step Four- Create a rule to revert the change.
- Click Tools, Rules and Alerts
- Click New Rule
- Start from a blank rule, Check messages when they arrive
- Check “with specific words in the subject. Specify some string that tells you what this is, but won’t correspond to ANYTHING you might get at random. For this example I will use “CanaryChangeOopsGoBack” Note…no spaces. Click Next.
- Check “start an application” and browse to and select the revert.cmd file. Click next, then Finish, then OK. Remember, this is client-only, so Outlook has to be running.
Now, you can send an email to the web guy/server guy/whoever makes the decision to proceed, with two links…one to click when ready
mailto:youremail@yourdomain.com?subject=CanaryChangeDoItNow321!
and one to click if they need to revert.
mailto:youremail@yourdomain.com?subject=CanaryChangeOopsGoBack
*** Make sure that in your mail client those show up as clickable links ***
As long as your workstation stays logged in, and Outlook is running, they can change and revert whenever they want. You still probably want to give them your cellphone just in case, but this works well.
two tips:
- Prior to doing this, you may want to set the TTL for the record to change to be low, so that the end users see the results more quickly.
- If you are trying to adjust the A record for the zone itself, DNS uses the @ sign to do this.
tested using Outlook 2007 on Vista, and Microsoft’s DNS service on Windows 2008. Ymmv.
You might also enjoy:
