Use PowerShell to Query AD DS for DHCP Servers


Summary: Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell to query the Active Directory configuration context to return DHCP servers.

Microsoft Scripting Guy, Ed Wilson, is here. One of the cool things about Windows Server 2012 and Windows 8 is the numerous cmdlets and functions available. After installing the Remote Server Administration Tools (RSAT) on Windows 8, all the administrator Windows PowerShell modules become available. Therefore, in addition to the DHCP client cmdlets and functions, I also have the DHCP server cmdlets and functions available.

First find the AD DS location for DHCP servers

Ok, so the first thing I need to do is to figure out where DHCP servers reside in Active Directory Domain Services (AD DS). I knew they were not in the default naming context, so I figured they would be in the configuration naming context. The tool I use when looking around at AD DS is ADSI Edit. As it turned out, it was rather obvious. I am looking for a service, and the service is Networking. Here is a screenshot of ADSI Edit illustrating this container.

Image of ADSI Edit

Query AD DS for authorized DHCP servers

Now that I know where the DHCP servers reside in the AD DS infrastructure, I can easily query for them. To do this, I use the Get-ADObject cmdlet from the ActiveDirectory module that becomes available on my computer running Windows 8 after I have Remote Server Administration Tools (RSAT) installed. Because I am using Windows PowerShell 3.0, I do not need to first import the ActiveDirectory module. It loads automatically upon first use of the cmdlet. But, if I know I am going to use it, then I generally go ahead and load the module. Here is the command:

Import-Module ActiveDirectory

Now I need to query the configuration naming context. To do this, I use the –SearchBase parameter of the Get-ADObject cmdlet. Here is the parameter I use:

-SearchBase "cn=configuration,dc=iammred,dc=net"

If I only use the Get-ADObject cmdlet with the configuration search base, it returns a lot of information. This is definitely a place where my Filter Left edict should firmly be in place. Now, I can write an LDAP Dialect query just as well as the next Microsoft Scripting Guy, but hey, using the plain old –Filter parameter works just as well and is easier to understand. When I looked up the location of DHCP servers in Active Directory via ADSI Edit, I did not just find the container and leave it at that. No, I also paid attention to the value under the Class column because it tells me the appropriate value to use in my filter for the ObjectClass attribute. In this case, once again, it makes sense; I need the DHCPClass class of objects. Here is that part of the query:

 -Filter "objectclass -eq 'dhcpclass'

Now, I also know that I am not interested in the DHCPRoot container because it does not contain names of DHCP servers. Therefore, I add an exclusion to my filter by using the –AND operator. Here is the exclusion to filter out the DHCPRoot container.

-AND Name -ne 'dhcproot'"

The complete filter I use for the –Filter parameter appears here.

-Filter "objectclass -eq 'dhcpclass' -AND Name -ne 'dhcproot'"

That is it. The entire Get-ADObject command appears here (this is a single line that wraps in the blog; I have not added any line continuation characters to the command).

Get-ADObject -SearchBase "cn=configuration,dc=iammred,dc=net" -Filter "objectclass -eq 'dhcpclass' -AND Name -ne 'dhcproot'"

On my computer, when I run the command, the following appears.

14:42 C:\> Get-ADObject -SearchBase "cn=configuration,dc=iammred,dc=net" -Filter "objectclass -eq 'dhcpclass' -AND Name -ne 'dhcproot'"

DistinguishedName     Name                 ObjectClass          ObjectGUID
-----------------     ----                 -----------          ----------
CN=wds1.iammred.ne... wds1.iammred.net     dHCPClass            0afcbc79-4268-4a8...

Once I analyze the output, I see that I am only interested in the value of the Name property. I can use the Select-Object cmdlet to return only the name property, as shown here.

15:14 C:\> Get-ADObject -SearchBase "cn=configuration,dc=iammred,dc=net" -Filter "objectclass -eq 'dhcpclass' -AND Name -ne 'dhcproot'" | select name

name
----
wds1.iammred.net

 

I can also use the group and dot technique because Windows PowerShell 3.0 does the automatic foreach and will, therefore, return multiple DHCP server names here. This technique is shown here.

15:20 C:\> (Get-ADObject -SearchBase "cn=configuration,dc=iammred,dc=net" -Filter "objectclass -eq 'dhcpclass' -AND Name -ne 'dhcproot'").name

wds1.iammred.net
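The same query can serve as an audit of which DHCP servers are authorized in the forest. The following is an added example, not code from the original post: it reads the configuration naming context from RootDSE instead of hardcoding the domain, flags stale conflict (CNF) objects of the kind a reader comment below mentions, and compares the result with an allowlist. The `$ApprovedDhcpServers` list and the function names are assumptions made for illustration.

```powershell
# Added example; not part of the original post. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

# Assumption: hypothetical allowlist of DHCP servers expected to be authorized.
$ApprovedDhcpServers = @('wds1.iammred.net')

function Get-AuthorizedDhcpServer {
    # Read the configuration naming context from RootDSE instead of hardcoding it.
    $configNC = (Get-ADRootDSE).configurationNamingContext

    Get-ADObject -SearchBase $configNC `
        -Filter "objectclass -eq 'dhcpclass' -AND Name -ne 'dhcproot'" `
        -Properties whenCreated, whenChanged |
        ForEach-Object {
            [pscustomobject]@{
                # A conflict object's name carries a CNF:<GUID> suffix after a newline.
                Name        = ($_.Name -split "`n")[0]
                IsConflict  = $_.Name -match 'CNF:'
                WhenCreated = $_.whenCreated
                WhenChanged = $_.whenChanged
                DN          = $_.DistinguishedName
            }
        }
}

function Test-DhcpAuthorization {
    param(
        [string[]]$Approved,
        [object[]]$Found
    )
    foreach ($server in $Found) {
        # -contains compares strings case-insensitively, which suits DNS names.
        $status = if ($server.IsConflict) { 'StaleConflictObject' }
                  elseif ($Approved -contains $server.Name) { 'Approved' }
                  else { 'Unexpected' }
        [pscustomobject]@{
            Name        = $server.Name
            Status      = $status
            WhenCreated = $server.WhenCreated
            DN          = $server.DN
        }
    }
}

$found = @(Get-AuthorizedDhcpServer)
Test-DhcpAuthorization -Approved $ApprovedDhcpServers -Found $found |
    Sort-Object Status, Name |
    Format-Table -AutoSize
```

Any row with a Status of Unexpected is a server authorized in AD DS that is not on the allowlist; WhenCreated shows when the authorization object appeared.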

 

Why is this such a big deal? Dude, take a look at what is involved in finding authorized DHCP servers via VBScript—there are many such scripts on the Internet, but here is one from the Scripting Guys Script Repository—this script is a five-star favorite!

That is all there is to querying Active Directory Domain Services for authorized DHCP servers. Join me tomorrow when I will talk about more cool Windows PowerShell stuff.

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy

  • Hi Ed,

    PUH! This is another easy to understand and directly useful oneliner!

    And it even works on Windows 7!

    Nice & easy :-)

    Klaus.

  • Nice tip...

    But the screenshot does not look like ADSI... have a look

    Eric

  • I love the way you reskinned ADSI Edit in your screenshot :-)

  • @K_Schulte yes, today's code will work on any computer that you can install the ActiveDirectory module from the RSAT tools ... Windows 7, Windows 2008R2, Windows 8, and Windows Server 2012. With implicit remoting, you could also use this with PowerShell 2.0 from Windows XP or Windows Server 2003.

    @Eric Berg Thank you for catching this. When I did the ADSI Edit screenshot, I named it 1-10-12-1 instead of 1-10-13-1, and therefore when the blog was posted by my editor, somehow it picked up an old screenshot :-(

    @Maarten Piederiet LOL, I just renamed the image, and my editor is taking a look as we speak -- virtually of course.

  • One thing: when you run this command, it also picks up stale DHCP objects (if the administrator has not cleaned it up prior)
    CNF:0765a758-01b6-499a-ae74-528f2e649294

    So you need to filter the command to exclude the CNF objects too.