Don't understand why I'm seeing this
Kurt Buff, GSEC/GCIH/PCIP
Name : Signs
State : Inactive
Description :
PSComputerName : wgf-server
RunspaceId : c4dbf369-3836-45d1-a8c5-29800164b683
Michael B. Smith
It’s one of several pseudo-attributes that may get added during hydration of serialized data.
Either do the select-object (again) on the results of Invoke-Command, or update FormatData/TypeData for Invoke-Command.
--
You received this message because you are subscribed to the Google Groups "ntpowershell" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
ntpowershell...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ntpowershell/CADy1Ce7jBbszUEWNj68H8JMNC%3DTx2J4VtwkLv5Cgt9iKK1146A%40mail.gmail.com.
Kurt Buff, GSEC/GCIH/PCIP
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/68e32e853c6342fda5b49dfd181fff47%40smithcons.com.
Markus Klocker
I don't have a DHCP to try it :)
Markus
Kurt Buff, GSEC/GCIH/PCIP
I've been putting this together in my few spare moments between other tasks, so that I can audit our DHCP servers (all but one of which are not DCs). I'm working on getting DHCP servers audited and consistent in their settings, and also comparing them to a couple of locations where (maddeningly) DHCP is handled by the firewall.
I've run through Carl Webster's DHCP documentation script, and found it so confusing I gave up on it - and I want CSV output anyway, so that comparison between DHCP servers will be easier.
Here's the basic code I'm trying get to work, after hammering on it yesterday while listening to a 5-hour web conference on cloud security. The "sort:-unique" below is because of stupid reasons - a number of the servers have two NICs in them, each assigned with a separate address on the same subnet. So many bad decisions have been made in this network. Anyway, enough kvetching. The last line of code below, which uses $ScopeId, emits the following error - I've tried several different approaches to populating the $ScopeIds variable, and nothing seems to work for getting the values from it into the next line:
Cannot process argument transformation on parameter 'ScopeId'. Cannot convert value "" to type "System.Net.IPAddress". Error: "An invalid IP address was specified."
+ CategoryInfo : InvalidData: (:) [Get-DhcpServerv4OptionValue], ParameterBindin...mationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Get-DhcpServerv4OptionValue
$ServerOptions = @()
$Scopes = @()
$ScopeIDs = @()
$ScopeOptions = @()
$DHCPServers = Get-DhcpServerInDC | sort -Unique DNSName | Select -Expand DNSName
ForEach ($DHCPServer in $DHCPServers)
{
$ServerOptions += Invoke-Command -ComputerName "$DHCPServer" -scriptblock { Get-DhcpServerv4OptionValue | select OptionId,Name,Value,PSComputerName }
$Scopes += Invoke-Command -ComputerName "$DHCPServer" -Scriptblock { Get-DhcpServerv4Scope | select ScopeId,Name,State,Description,PSComputerName }
$ScopeIds = ForEach ($Scope in $Scopes) { ($Scope.ScopeId).ToString() }
$ScopeOptions += ForEach ($ScopeId in $ScopeIds) { Invoke-Command -ComputerName "$DHCPServer" -scriptblock { Get-DhcpServerv4OptionValue -ScopeId "$ScopeId" | select OptionId,Name,Value,PSComputerName } }
}
Michael B. Smith
I wrote much of the original code in that DHCP documentation script 😊
I take feedback – what do you find confusing about it?
From: ntpowe...@googlegroups.com <ntpowe...@googlegroups.com>
On Behalf Of Kurt Buff, GSEC/GCIH/PCIP
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/CADy1Ce6CWA7gwQA%3D9P_pcSG7%2BKC%3D2Nosfgp9Rd-F%3DV1m-BMBXg%40mail.gmail.com.
Xavier Belanger
Kurt Buff, GSEC/GCIH/PCIP wrote:
> I've been putting this together in my few spare moments between other
> tasks, so that I can audit our DHCP servers (all but one of which are
> not DCs). I'm working on getting DHCP servers audited and consistent in
> their settings, and also comparing them to a couple of locations where
> (maddeningly) DHCP is handled by the firewall.
you a PowerShell script of mine that generate a pseudo "dhcpd.conf"
configuration file for a given DHCP server. So that way you can
easily review and compare the configuration between servers (I usually
rely on the 'Compare' function in Notepad++ for this).
Here is an example of the output, just for one scope (the same
script can target one scope or a full DHCP server):
PS C:\dhcp\scripts> .\Get-DhcpScopesConfiguration.ps1 -ComputerName
dhcp-srv-1.cua.edu -ScopeAddress 10.1.0.0
dhcp-srv-1-10.1.0.0-config-20201211-1428.log has been generated
PS C:\dhcp\scripts> Get-Content .\dhcpprd1-10.1.0.0-config-20201211-1428.log
Global DNS Servers: 10.1.2.3 10.1.2.4 10.1.2.5
Global DNS Domain Name: cua.edu
Vendor Classes:
Name Data
AsciiData Description
---- ----
--------- -----------
airespace 0x4169726573----------415031323030
Airespace.AP1200 1010
Airespace 2700 0x436973636f----------32373030 Cisco
AP c2700 Cisco Aironet 2700 Series
Cisco Aironet 1200 0x436973636f----------31323030 Cisco
AP c1200 Vendor Class Indentifier For ...
Mitel IP Phone Options 0x697070686f----------74656c2e636f6d00
Mitel-specific options for IP...
PXEClient (BIOS) 0x505845436c----------417263683a3030303030
PXEClient:Arch:00000 PXEClient (BIOS)
PXEClient (UEFI x64) 0x505845436c----------417263683a3030303037
PXEClient:Arch:00007 PXEClient (UEFI x64)
Vendor Classes Options Definitions:
VendorClass Name Description
OptionId
----------- ---- -----------
--------
airespace Airespace IP provision 1010
102
Airespace 2700 Airespace 2700 IP provision IP Delivery Option
Airespace 2700 102
Cisco Aironet 1200 Option 43 WLAN Controller IP
Adresses 241
Phone Options Phone Config Configuration string
43
Scope : 10.1.0.0
Name : Worksations
Description : Workstations Network
Range : 10.1.0.10 - 10.1.0.250
Subnet Mask : 255.255.255.0
Router : 10.1.0.1
DNS Servers : Global option is used
DNS Domain Name : Global option is used
DDNS Enabled : Always
Lease Duration : 08:00:00
Reservations Count : 2
Reservations Details : 10.1.0.14 - aa-bb-cc-11-22-33 - client-1.cua.edu
10.1.0.15 - 11-22-33-aa-bb-cc - client-2.cua.edu
Vendor Option (local) : 10.20.1.2 [0x00 0xF1 0x04 0x0A 0x14 0x01 0x02]
Vendor Option (global) : None
PXE BIOS : None
PXE UEFI : None
PS C:\dhcp\scripts>
Just for you to know, if you are working on your own script,
some DHCP pieces of data are stored in different formats, and
there is a fair amount of conversion/formatting required
to get a decent output.
Sincerely,
--
Xavier Belanger
Network Engineer III - CISSP - Technology Services
The Catholic University of America
Michael B. Smith
The problem with your script is twofold: [1] you don’t pass a necessary param to one of your invoke-commands, and [2] you are checking all scopes for all servers scanned. I expect that it would work with the first server and fail with all subsequent servers, once [1] is fixed.
The below works (limited testing: my lab and two prod environments).
BTW, it would be much faster to:
[1] create a PSSession for each DHCPServer so that PSRemoting is only instantiated once for each DHCPServer, OR
[2] have a more complex scriptblock that returns a PSCustomObject containing all the results from each DHCPServer (again, PSRemoting is only instantiated once for each DHCPServer).
$ServerOptions = @()
$Scopes = @()
$ScopeIDs = @()
$ScopeOptions = @()
$DHCPServers = Get-DhcpServerInDC | Sort-Object -Unique DNSName | Select-Object -Expand DNSName
ForEach ($DHCPServer in $DHCPServers)
{
$localServerOptions = @( Invoke-Command -ComputerName "$DHCPServer" -Scriptblock { Get-DhcpServerv4OptionValue | Select-Object OptionId,Name,Value,PSComputerName } )
$localServerScopes = @( Invoke-Command -ComputerName "$DHCPServer" -Scriptblock { Get-DhcpServerv4Scope | Select-Object ScopeId,Name,State,Description,PSComputerName } )
$localScopeIds = @( foreach( $scope in $localServerScopes ) { $scope.ScopeId.ToString() } )
$localScopeOptions = @( foreach( $scopeId in $localScopeIds ) {
Invoke-Command -ArgumentList $scopeId -ComputerName "$DHCPServer" -Scriptblock {
Param( $scopeId )
Get-DhcpServerv4OptionValue -ScopeId "$scopeId" | Select-Object OptionId,Name,Value,PSComputerName
}
} )
$ServerOptions += $localServerOptions
$Scopes += $localServerScopes
$ScopeIds += $localScopeIds
$ScopeOptions += $localScopeOptions
}
From: ntpowe...@googlegroups.com <ntpowe...@googlegroups.com>
On Behalf Of Kurt Buff, GSEC/GCIH/PCIP
Sent: Friday, December 11, 2020 12:40 PM
To: ntpowe...@googlegroups.com
Subject: Re: [ntpowershell] Don't understand why I'm seeing this
No change when looking at properties.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/CADy1Ce6CWA7gwQA%3D9P_pcSG7%2BKC%3D2Nosfgp9Rd-F%3DV1m-BMBXg%40mail.gmail.com.
Markus Klocker
I'm just feeling the level up!
At the same time I have to say not all the parts you might need are in the reach of one.
Getting more info is for me the best way to getting more useful!
Thank You!
Markus
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/348a5ab1715044c1aba131215a6a07a7%40smithcons.com.
Michael B. Smith
I’m not sure what you mean? I think this is functionally equivalent and measurably faster:
$ServerOptions = @()
$Scopes = @()
$ScopeIDs = @()
$ScopeOptions = @()
$DHCPServers = Get-DhcpServerInDC | Sort-Object -Unique DNSName | Select-Object -Expand DNSName
ForEach ($DHCPServer in $DHCPServers)
{
$result = Invoke-Command -ComputerName $DHCPServer {
$options = @( Get-DhcpServerv4OptionValue | Select-Object OptionId, Name, Value, PSComputerName )
$scopes = @( Get-DhcpServerv4Scope | Select-Object ScopeId, Name, State, Description, PSComputerName )
$scopeIds = @( foreach( $scope in $scopes ) { $scope.ScopeId.ToString() } )
$scopeOpts = @( foreach ( $scopeId in $scopeIds ) { Get-DhcpServerv4OptionValue -ScopeId $scopeId | Select-Object OptionId, Name, Value, PSComputerName } )
[PSCustomObject] @{
ServerOptions = $options
ServerScopes = $scopes
ScopeIds = $scopeIds
ScopeOptions = $scopeOpts
}
}
$ServerOptions += $result.ServerOptions
$Scopes += $result.ServerScopes
$ScopeIds += $result.ScopeIds
$ScopeOptions += $result.ScopeOptions
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/1daaf630-2d90-1387-7c05-b2add82771c2%40univie.ac.at.
Kurt Buff, GSEC/GCIH/PCIP
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/348a5ab1715044c1aba131215a6a07a7%40smithcons.com.
Kurt Buff, GSEC/GCIH/PCIP
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/767f22483a964340853a4b282eecc1ed%40smithcons.com.
Michael B. Smith
Your Select-Object for Get-DhcpServerv4OptionValue doesn’t include ScopeId. Of course it isn’t in the list. 😊
Computers are funny that way. 😊
But after checking – it’s not even available, so it has to be a constructed attribute.
Like this (change line 14 from the v2 script):
$scopeOpts = @( foreach ( $scopeId in $scopeIds ) { Get-DhcpServerv4OptionValue -ScopeId $scopeId | Select-Object @{ N = 'ScopeId'; E = { $scopeid } }, OptionId, Name, Value, PSComputerName } )
In regards to scriptblock parameters – it isn’t obvious and OFTEN BUT NOT ALWAYS you can avoid that by using a special “scope modifier” called “using:”. Because it doesn’t always work, I use ArgumentList instead. It always works. In your specific case, you could’ve said $using:scopeId instead of ArgumentList, but you had to do one or the other.
For more information on this topic (both about using: and ArgumentList) see “help about_remote_variables”.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/CADy1Ce7Zr-Gh220FQ7-SWuLOjX_JGYFWOgrFsvQt7fxYDGWZUg%40mail.gmail.com.
Kurt Buff, GSEC/GCIH/PCIP
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/109fc63031304692b9de1cd9e48312f5%40smithcons.com.