# Variables
$CsrFolder   = "C:\Temp\CSRs"       # Path to folder with CSR files
$DnsZone     = "record.domain.govt.nz"      # Your DNS zone (AD-integrated)
$TargetIP    = "managementboxIP"      # The IP for all A records
$DnsServer   = "DC01.example.local" # AD Domain Controller / DNS server

# Loop through CSR files
Get-ChildItem -Path $CsrFolder -Filter *.csr | ForEach-Object {
    # Get just the file name without extension
    $fqdn = $_.BaseName.Trim()
    Write-Host "Processing $fqdn ..."

    try {
        # If the filename is a full FQDN, strip the zone name
        if ($fqdn.ToLower().EndsWith(".$($DnsZone.ToLower())")) {
            $hostname = $fqdn.Substring(0, $fqdn.Length - $DnsZone.Length - 1)
        } else {
            $hostname = $fqdn
        }

        Write-Host " -> Adding DNS A record for $hostname.$DnsZone -> $TargetIP"

        Add-DnsServerResourceRecordA `
            -Name $hostname `
            -ZoneName $DnsZone `
            -IPv4Address $TargetIP `
            -ComputerName $DnsServer `
            -ErrorAction Stop

    } catch {
        Write-Warning "Could not add DNS record for $fqdn : $_"
    }
}