How to integrate Windows DNS with vRA 7.x Part II – Delete DNS Record

In Part I we learned how to create a DNS record on provisioning. In this guide I will show you how to setup vRealize Automation 7.x to automatically delete a static host A record and a reverse look up pointer in your Windows based DNS when a user destroys a machine. This is most often needed to be able to automate decomissioning of Linux machines as Linux does not play well with Windows Based DNS when you are using static IP address assignment. However, you can also use this with Windows machines if you don’t allow self registration of Windows on your network.

Pre-Reqs

  • Part I already installed and working see my guide here.
  • vRA 7 installed and configured with at least one blueprint that has static IP address network profile assigned
  • vRA Plugin for vRO configured
  • vCenter Plugin for vRO configured
  • At least one Windows Server with DNS Server tools installed (DNSCMD.exe) Pro TIP: This could be oe of your vRA IaaS or DEM servers as long as they are visible from the vCenter Plugin.
  • vRO workflow package downloaded from here
  • A quiet place where you will not be interrupted see my guide here

First, make sure you can use the dnscmd from the Windows server and have the account rights to create A records.

If you get an error that dnscmd was not found you need to add this role to the server.

Now open the vRO client

  1. Click drop down to Administer
  2. Click the Package Tab
  3. Click Import Package

Locate the package you downloaded and click open

Now click import

Accept any warnings and import the package

Verify the workflow was properly installed

  1. Click the drop down to change to run
  2. Click the Workflows tab
  3. Drill down to the workflow

Update the workflow with the Windows Server and the username and login

  1. Select the workflow
  2. Click edit

Update the attributes

  1. Select the Windows server that has DNSCMD installed
  2. Enter a user with rights to login to that server and rights to administer the DNS server
  3. Enter the password for that user
  4. Click Save and Close

Now open vRA portal as a cloud admin

  1. Click Design
  2. Select a blueprint with a static IP Network Profile
  3. Click edit

Enter the following custom properties

  1. Click Properties
  2. Click Custom Properties
  3. Enter the new property as shown
  4. Click Finish
Extensibility.Lifecycle.Properties.VMPSMasterWorkflow32.Disposing  *

 

Create and publish a new event subscription

  1. Click Administration Tab
  2. Click Events, Subscriptions
  3. Click +New

Select machine provisioning and click next

On the next screen click Run Based on conditions the choose All of the following

screen-shot-2016-09-26-at-2-55-45-pm

On the Clause Drop down browse down to the following state and select it.

Select Equals and then choose the following constant

Now click add expression

Select the following

Now select Equals and the following constant and then click Next

Now click +add expression

Now select Equals

Now enter the following and then press next

Select the workflow we added then press next

Select blocking set the timeout and then click finish

Select the new subscription then click Publish

Fire off a new request

Note: This won’t work for already provisioned machines as they are missing the new custom property we added. You could add the property to existing machines if you wanted them to remove their IP addresses.

Now destroy the machine you just provisioned

  1. Click the items view
  2. Click deployments
  3. Select the deployment
  4. Click Actions then destroy

Monitor the workflow logs in vRO client

 Enjoy not having to manually delete DNS records anymore!
Remember sharing is caring!

26 Replies to “How to integrate Windows DNS with vRA 7.x Part II – Delete DNS Record”

  1. Pingback: How to integrate Windows DNS with vRA 7.x – VMtoCloud.com

  2. Nice job, i just have an error, it seems that the script don’t force the removal of the record.

    So it failed with the error Are you sure you want to delete record? (y/n)

  3. Hi Kelly, thanks a lot for the post.
    I’m looking for the vCO script to delete a computer from AD after machine destroy?

    Do you happen to have one?

    Thanks a lot.

    Tung Vu

  4. Great script and mostly works. However, I keep getting the same error when it runs: Command failed: RPC_S_SERVER_UNAVAILABLE 1722 0x6BA

    I have an account setup that the rights needed to edit DNS and to log onto the system. For some reason the RPC connection is failing. I’ve even tested using dnscmd commands on it.

    Any thought as to what could be going on with this?

  5. I’m getting a similar error to nOon where the dnsserver value is not passed to the script.

    The log file gives me:
    [2017-05-24 13:15:17.553] [I] Getting the custom properties needed
    [2017-05-24 13:15:17.578] [I] toolsOK
    [2017-05-24 13:15:17.581] [I] VMware tools on VM ADHQSVRA002 are in state: toolsOk and guest is running
    [2017-05-24 13:15:17.779] [I] Replacing variable [DNS_server_FQDN] with value null
    [2017-05-24 13:15:17.781] [I] Replacing variable [zone_name_FQDN] with value null
    [2017-05-24 13:15:17.782] [I] Replacing variable [record_name] with value ADHQSVDML016
    [2017-05-24 13:15:17.784] [I] Replacing variable [record_type] with value A
    [2017-05-24 13:15:17.786] [I] Replacing variable [record_value] with value null
    [2017-05-24 13:15:17.788] [I] Updated script content
    echo y | dnscmd null /RecordDelete null ADHQSVDML016 A null

    The strange thing is the Orchestrator plugin for EB-MachineProvisioned-DNSADD works perfectly – the dnsserver custom propoerty in the blueprint is passed to the script and the A and PTR records get created OK.

    Any ideas?

  6. Hi Kelly ,

    Thanks for great port.
    This workflow is for virtual machine (domain controller) which is running on endpoint vCenter. But in my data center we are using Physical Domain controller (DNS) (VC:virtual Machine).So How we can apply this work flow on this scenario.

    Regards,
    Nagaraju

  7. Hi Kelly ,

    Thanks for great port.
    This workflow is for virtual machine (domain controller)(VC:virtual Machine) which is running on endpoint vCenter. But in my data center we are using Physical Domain controller (DNS) .So How we can apply this work flow on this scenario.

    Regards,
    Nagaraju

    • Hi Nagaraju,

      The workflow just needs to run on a Windows Server that has the dnscmd.exe installed on it. That Windows Server needs to be a VM in vCenter. It will execute the command and contact your physical domain controllers. Make sense?

      • Thanks Kelly,

        We ran this script , However i am receiving below error. Can you please suggest?

        [2017-09-16 19:50:35.124] [I] Replacing variable [DNS_server_FQDN] with value dc2.test.in
        [2017-09-16 19:50:35.125] [I] Replacing variable [zone_name_FQDN] with value null
        [2017-09-16 19:50:35.126] [I] Replacing variable [record_name] with value VRA06
        [2017-09-16 19:50:35.128] [I] Replacing variable [record_type] with value A
        [2017-09-16 19:50:35.129] [I] Replacing variable [record_value] with value 172.22.10.10
        [2017-09-16 19:50:35.130] [I] Updated script content
        echo y | dnscmd dc2.p3.test.in /RecordDelete null VRA06 A 172.22.10.10
        [2017-09-16 19:51:45.219] [E] Are you sure you want to delete record? (y/n)

        Command failed: DNS_ERROR_ZONE_DOES_NOT_EXIST 9601 0x2581

        Thanks,
        Nagaraju

        • echo y | dnscmd /f dc2.test.in /RecordDelete null VRA07 A 172.22.10.10
          [2017-09-16 20:51:15.355] [E] Unknown Command “/f” Specified — type DnsCmd -?.

  8. Updated script content
    echo y | dnscmd dc2.p3.test.in /RecordDelete null VRA06 A 172.22.10.10
    [2017-09-16 19:51:45.219] [E] Are you sure you want to delete record? (y/n)

    Command

    I m getting the above error while executing the workflow, please help in fixing this..

  9. Hi Ryan,
    Like others have had above I’m getting

    [2018-11-19 15:32:01.925] [I] Replacing variable [DNS_server_FQDN] with value null
    [2018-11-19 15:32:01.948] [I] Replacing variable [zone_name_FQDN] with value null

    Which causes an RPC error as DNSCMD tries to run against a server called “__null__”

    I’m actually running the DNSCMD on the DNS/AD server itself so obviously RPC won’t be an issue once I get those value populated.
    Hope you can help.

    • ok solved my own issue. Had to create a custom variable dnsserver in the blueprint for the server. Had I done Part 1 I’d have done that already.
      The zonename was taken care of by adding a dnssuffix entry to my network profile.

      Now I need to work out why I get
      Command failed: ERROR_ACCESS_DENIED 5 0x5
      However I’m getting that running the command myself manually so I suspect I’ve solved the VRO thing, I just need to get that error fixed myself.

      • Ok so I can get it to run if I run it via an elevated command prompt – I’m just trying how to work out how to get the automated process run the task elevated.
        Slowly moving towards the solution – trying to see if this is achievable in the “Run program in guest” workflow

  10. Has anyone been able to workout how to fix the issue of destroying multiple machines at once and only some of them having their DNS records removed?

    “Error in (Workflow:Create temporary directory in guest / Scriptable task (item1)#8) The operation is not allowed in the current state” seems to be where it is getting hung up.

Leave a Reply to Tung Vu Cancel reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.