Adding Domains to Direct Access DNS Suffix Using Powershell

Author by Matt Boudro

A recent deployment of Direct Access on Server 2012 required a method of adding a large number of DNS domains to the DNS suffix list. Since manually adding them was a daunting task, I wrote a quick Powershell script to handle the job. The script is as follows:
Import-CSV domains.csv | foreach { $domain = "." + $_.domain_name; Add-DAClientDnsConfiguration -DNSSuffix $domain -DnsIPAddress [dns IPv6 address here]; }
For the domain list, I created a CSV file with each domain as a line item within the file. You will also want to define a header (domain_name, in this particular case) so that you can carry that variable into the script for processing, as seen in the script above. During my testing, I discovered a particularly interesting caveat: you'll need to add a "." in front of each of the domain names if you would like * included in the DNS suffix list. If you do not include the period, the lookups will fail for any subdomains under your parent domains. Also make sure to replace [dns IPv6 address here] with the IPv6 address of your DNS server. This can also be the IPv6 address of the Direct Access server.  

Matt Boudro

Senior Systems Engineer