gitadmin/claude-launcher
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add location-aware DNS suffix auto-switch for LBOOK

Browse Source 
LBOOK is domain-joined to intern.beletage.ro, so the AD suffix was searched first for every single-label name. Off the office LAN, home names like home-ws were tried as home-ws.intern.beletage.ro, routed by NRPT to the AD DNS over VPN, stalling ~11s on timeout before falling back to .lan — slow RDP to home hosts.

scripts/dns-location-suffix.ps1 sets the global suffix search order from the physical NIC subnet (Sophos TAP excluded): intern-first on the office LAN (10.10.10.x / 10.10.40.x), lan-first everywhere else. install-dns-location-task.ps1 registers it as a SYSTEM scheduled task triggered on network-connect (NetworkProfile 10000) and logon; verify-dns-location-task.ps1 reads it back (the task is not queryable unelevated). Also adds .claude/settings.json allowlisting read-only network diagnostics.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Marius Tarau
2026-05-31 22:19:16 +03:00
parent d5d6703a1a
commit 5b2e2aa417
4 changed files with 188 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/verify-dns-location-task.ps1
+34
View File
@@ -0,0 +1,34 @@
<#
.SYNOPSIS
Elevated read-out of the Beletage-DNS-Location-Suffix task (triggers, principal,
last run) to C:\ProgramData\Beletage\verify.txt. The task runs as SYSTEM with a
restrictive security descriptor, so it is not queryable from a non-elevated shell.
Run elevated:
Start-Process powershell -Verb RunAs -ArgumentList '-NoProfile','-ExecutionPolicy','Bypass','-File','<path>\verify-dns-location-task.ps1'
#>
$ErrorActionPreference = 'Stop'
$out = 'C:\ProgramData\Beletage\verify.txt'
$name = 'Beletage-DNS-Location-Suffix'
$lines = @()
try {
$t = Get-ScheduledTask -TaskName $name
$lines += "FOUND $($t.TaskName) State=$($t.State)"
$lines += "Principal $($t.Principal.UserId) RunLevel=$($t.Principal.RunLevel) LogonType=$($t.Principal.LogonType)"
$lines += "Triggers $($t.Triggers.Count)"
foreach ($tr in $t.Triggers) {
$cn = $tr.CimClass.CimClassName
$tag = if ($tr.Subscription) { ' (event: NetworkProfile connected / EventID 10000)' } else { '' }
$lines += " - $cn$tag"
}
$info = Get-ScheduledTaskInfo -TaskName $name
$lines += "LastRun $($info.LastRunTime) LastResult=0x$('{0:X}' -f $info.LastTaskResult)"
$lines += "NextRun $($info.NextRunTime)"
}
catch {
$lines += "ERROR $($_.Exception.Message)"
}
$lines | Set-Content -Path $out -Encoding UTF8