IPAddressStatus* bugs in Get-WinADForestControllerInformation when DNS returns A records in the Additional section

[rmbolger]

The code that resolves A/AAAA records for domain controllers in Get-WinADForestControllerInformation is mistakenly including A/AAAA records returned in the "Additional" section of the DNS response. This can lead to an invalid result for the IPAddress* properties in the output object.

https://github.com/EvotecIT/ADEssentials/blob/8b9b71a40a5435cf03b94505303db86fe894f7eb/Public/Get-WinADForestControllerInformation.ps1#L51-L55

As an example that can be publicly queried, take a look at the response for github.com. There is only a single A record in the Answer section. But there are a whole bunch of NS records in the Authority section and corresponding A records for those NS records in the Additional section. So when the code in the function filters only on the Type property, it mistakenly grabs those A records from the additional section as well.

PS> Resolve-DnsName github.com -DnsOnly | Where-Object { $_.Type -eq 'A' }

Name                                           Type   TTL   Section    IPAddress
----                                           ----   ---   -------    ---------
github.com                                     A      2     Answer     140.82.114.4
dns1.p08.nsone.net                             A      59995 Additional 198.51.44.8
dns2.p08.nsone.net                             A      59995 Additional 198.51.45.8
dns3.p08.nsone.net                             A      59995 Additional 198.51.44.72
dns4.p08.nsone.net                             A      59995 Additional 198.51.45.72
ns-1283.awsdns-32.org                          A      88165 Additional 205.251.197.3
ns-1707.awsdns-21.co.uk                        A      88166 Additional 205.251.198.171
ns-520.awsdns-01.net                           A      88166 Additional 205.251.194.8

The code should ideally be updated to only include results in the Answer section.

[PrzemyslawKlys]

Thank you for PR :-)