Microsoft - Scripting - PowerShell - Snippets - Disable/Enable LLMNR
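A snippet that disables LLMNR at the start of a script, so that a DNS name resolution call such as [System.Net.Dns]::GetHostAddresses("SERVERNAME") is not resolved through LLMNR, and restores the previous LLMNR setting at the end of the script. LLMNR is controlled through the EnableMulticast policy value under the DNSClient policy key; the DNS Client service is restarted after each change to enforce it.
See logging for the Log-* functions.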
Start with Disable
# Records what was found, so the end of the script can restore it:
# 0 = nothing done, 1 = value not present, 2 = already disabled, 3 = disabled by this script.
$bLLMNRPolicyState = 0

Log-Info "Disabling LLMNR"
# Disable LLMNR.
# If the DNSClient is not present, create it and the EnableMulticast value.
if (-Not (Test-Path -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient")) {
    Log-Info "DNSClient key not present, creating it and the EnableMulticast value."
    $bLLMNRPolicyState = 1 # Value not present.
    try {
        Log-Info "Creating the DNSClient policy key."
        # Create the DNSClient key.
        New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" -ErrorAction Stop | Out-Null
        Log-Info "Creating the EnableMulticast property with value."
        # Create the EnableMulticast value set to 0.
        New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" `
            -Name "EnableMulticast" -PropertyType "DWORD" -Value 0 -Force -ErrorAction Stop | Out-Null
        Log-Info "Restarting the DNS Client service."
        # Restart the DNS Client service to enforce the change.
        Restart-Service -Name "dnscache" -Force -ErrorAction Stop
    } catch {
        Log-Error "Could not disable LLMNR on the local system."
        Log-Error $Error[0]
        Exit
    }
# If the DNSClient is present, check and correct the EnableMulticast value.
} else {
    Log-Info "DNSClient key is already present, checking EnableMulticast value."
    $objEnableMulticast = Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" -Name "EnableMulticast" -ErrorAction SilentlyContinue
    # If it's set to 0 it is already disabled.
    if ($objEnableMulticast.EnableMulticast -eq 0) {
        Log-Info "LLMNR is already disabled. Not changing this."
        $bLLMNRPolicyState = 2 # Already disabled.
    } elseif ($objEnableMulticast.EnableMulticast -eq 1) {
        Log-Info "LLMNR is explicitly enabled. Setting it to disabled."
        try {
            # Overwrite the value.
            New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" `
                -Name "EnableMulticast" -PropertyType "DWORD" -Value 0 -Force -ErrorAction Stop | Out-Null
            # Restart the DNS Client service to enforce the change.
            Restart-Service -Name "dnscache" -Force -ErrorAction Stop
        } catch {
            Log-Error "Could not disable LLMNR on the local system."
            Log-Error $Error[0]
            Exit
        }
        $bLLMNRPolicyState = 3 # Disabled by this script.
    } else {
        Log-Info "The EnableMulticast value is not present. Creating it."
        try {
            # Create the policy property with value.
            New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" `
                -Name "EnableMulticast" -PropertyType "DWORD" -Value 0 -Force -ErrorAction Stop | Out-Null
            # Restart the DNS Client service to enforce the change.
            Restart-Service -Name "dnscache" -Force -ErrorAction Stop
        } catch {
            Log-Error "Could not disable LLMNR on the local system."
            Log-Error $Error[0]
            Exit
        }
        $bLLMNRPolicyState = 1 # Value not present.
    }
    Clear-Variable objEnableMulticast
}
End with Enable
Log-Info "Restoring LLMNR settings."
# Restore the LLMNR setting to the value it had before starting the script.
switch ($bLLMNRPolicyState) {
    # LLMNR value was not present.
    1 {
        try {
            # Delete the EnableMulticast value.
            Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" -Name "EnableMulticast" -Force -ErrorAction Stop
            # Restart the DNS Client service to enforce the change.
            Restart-Service -Name "dnscache" -Force -ErrorAction Stop
        } catch {
            Log-Error "Failed to delete the EnableMulticast value."
            Log-Error $Error[0]
        }
    }
    # LLMNR was already set to disabled.
    2 {
        Log-Info "LLMNR was already set to disabled. Not changing."
    }
    # LLMNR was disabled by this script.
    3 {
        try {
            # Set the value back to 1 (explicitly enabled), as it was before the script ran.
            New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" `
                -Name "EnableMulticast" -PropertyType "DWORD" -Value 1 -Force -ErrorAction Stop | Out-Null
            # Restart the DNS Client service to enforce the change.
            Restart-Service -Name "dnscache" -Force -ErrorAction Stop
        } catch {
            Log-Error "Failed to restore the LLMNR setting to enabled."
            Log-Error $Error[0]
        }
    }
    Default {
        Log-Warning "Unexpected value of $bLLMNRPolicyState for bLLMNRPolicyState. Not changing LLMNR registry setting."
    }
}
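
Because the disable and restore halves are separate blocks, a script that terminates between them leaves the policy changed. The following added example (not part of the original page) ties both halves together with try/finally and restores the exact prior state; the function names Get-LlmnrPolicySnapshot and Invoke-WithLlmnrDisabled are hypothetical, and an elevated session is assumed.

```powershell
# Added example, not from the original page. Function names are hypothetical.
$script:LlmnrKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient'

function Get-LlmnrPolicySnapshot {
    # Record whether the policy key existed and what EnableMulticast held
    # ($null means the value was absent).
    $keyExists = Test-Path -Path $script:LlmnrKey
    $value = $null
    if ($keyExists) {
        $prop = Get-ItemProperty -Path $script:LlmnrKey -Name 'EnableMulticast' -ErrorAction SilentlyContinue
        if ($null -ne $prop) { $value = $prop.EnableMulticast }
    }
    [pscustomobject]@{ KeyExisted = $keyExists; Value = $value }
}

function Invoke-WithLlmnrDisabled {
    param([Parameter(Mandatory)][scriptblock]$ScriptBlock)

    $before  = Get-LlmnrPolicySnapshot
    $changed = $false
    try {
        if ($before.Value -ne 0) {          # absent or 1: LLMNR is not disabled yet
            if (-not $before.KeyExisted) {
                New-Item -Path $script:LlmnrKey -Force -ErrorAction Stop | Out-Null
            }
            $changed = $true                # from here on the finally block must undo
            New-ItemProperty -Path $script:LlmnrKey -Name 'EnableMulticast' `
                -PropertyType DWord -Value 0 -Force -ErrorAction Stop | Out-Null
            Restart-Service -Name 'dnscache' -Force -ErrorAction Stop
        }
        & $ScriptBlock                      # the work that must not fall back to LLMNR
    }
    finally {
        if ($changed) {
            if (-not $before.KeyExisted) {
                # The key was created here, so remove the whole key again.
                Remove-Item -Path $script:LlmnrKey -Force -ErrorAction Stop
            } elseif ($null -eq $before.Value) {
                Remove-ItemProperty -Path $script:LlmnrKey -Name 'EnableMulticast' -Force -ErrorAction Stop
            } else {
                Set-ItemProperty -Path $script:LlmnrKey -Name 'EnableMulticast' -Value $before.Value -ErrorAction Stop
            }
            Restart-Service -Name 'dnscache' -Force -ErrorAction Stop
        }
    }
}

# Usage: resolve a name with LLMNR disabled, then restore the prior policy state.
Invoke-WithLlmnrDisabled { [System.Net.Dns]::GetHostAddresses('SERVERNAME') }
```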
microsoft/scripting/powershell/snippets/disableenablellmnr.txt · Last modified: 2018/02/08 08:46 by bas