EvotecIT / Testimo

Testimo is a PowerShell module for running health checks for Active Directory against a bunch of different tests

Get-WinADDHCP CommandNotFoundException #177

Closed adembarut closed 1 year ago

adembarut commented 1 year ago

Hi,

In our environment, Domain Controllers do not have the DHCP Role installed, so the DHCP PowerShell modules are not installed. Get-WinADDHCP gives CommandNotFoundException.


We wrote another PowerShell function to do that, so we don't need to install Features > Remote Server Administration Tools > DHCP Server Tools in order to run Testimo. Here is the code; add it to the ADEssentials.psm1 file:

```powershell
# Uses the ActiveDirectory module (Get-ADDomainController, Get-ADRootDSE, Get-ADObject).
function Get-DhcpServer {
    [CmdletBinding()]
    param(
        # The domain controller to use for the search. If not provided, the function will use
        # the Get-ADDomainController cmdlet to find the domain controller in the closest site.
        [Parameter(Mandatory = $false)]
        [string]$DomainController
    )
    # If the $DomainController parameter is not provided, use the Get-ADDomainController cmdlet to find the domain controller in the closest site.
    if (!$DomainController) {
        $DomainController = (Get-ADDomainController -Discover -NextClosestSite).HostName
    }

    # Get the search base for the Active Directory Configuration Partition from RootDSE.
    # Building it from the DC host name only works when the FQDN has exactly three
    # domain labels, and it points at the wrong partition for child domains.
    $SearchBase = (Get-ADRootDSE -Server $DomainController).configurationNamingContext

    # Search the Active Directory Configuration Partition for DHCP servers.
    $GetDHCPServersFromADSI = Get-ADObject -Server $DomainController -SearchBase $SearchBase -Filter "objectclass -eq 'dhcpclass' -AND Name -ne 'dhcproot'" -Properties dhcpServers

    # Create an array of objects that contain the IP address and DNS name of each DHCP server.
    $DHCPServers = @()
    foreach ($item in $GetDHCPServersFromADSI) {
        # Create a new object to hold the IP address and DNS name of the DHCP server.
        $DHCPServer = [pscustomobject]@{
            IPAddress = ""
            DnsName   = ""
        }

        # Get the DNS name of the DHCP server.
        $DHCPServer.DnsName = $item.Name

        # Get the IP address of the DHCP server: the first '$'-separated field of
        # dhcpServers without its one-character prefix. Skip objects where the attribute is empty.
        if ($item.dhcpServers) {
            $DHCPServer.IPAddress = ($item.dhcpServers -split '\$')[0].Substring(1)
        }

        # Add the object to the array.
        $DHCPServers += $DHCPServer
    }

    # Return the array of objects.
    return $DHCPServers
}
```

```powershell
function Get-WinADDHCP {
    [CmdletBinding()]
    param(

    )
    $ForestDomainControllers = Get-WinADForestControllers
    try {
        # Query AD directly with Get-DhcpServer, so the RSAT DHCP Server Tools are not needed.
        $DHCPs = Get-DhcpServer -Verbose
    } catch {
        Write-Warning -Message "Get-WinADDHCP - Couldn't get DHCP data from AD: $($_.Exception.Message)"
        return
    }
    # Index the DHCP servers and domain controllers by host name for quick lookups.
    $CacheDHCP = @{}
    $CacheAD = [ordered] @{}
    foreach ($DHCP in $DHCPs) {
        $CacheDHCP[$DHCP.DNSName] = $DHCP
    }
    foreach ($DC in $ForestDomainControllers) {
        $CacheAD[$DC.HostName] = $DC
    }

    foreach ($DHCP in $DHCPs) {
        $DHCPObject = [ordered] @{
            DNSName   = $DHCP.DNSName
            IPAddress = $DHCP.IPAddress
        }
        # Flag DHCP servers that are also domain controllers.
        if ($CacheAD[$DHCP.DNSName]) {
            $DHCPObject['IsDC'] = $true
            $DHCPObject['IsRODC'] = $CacheAD[$DHCP.DNSName].IsReadOnly
            $DHCPObject['IsGlobalCatalog'] = $CacheAD[$DHCP.DNSName].IsGlobalCatalog
            $DHCPObject['DCIPv4'] = $CacheAD[$DHCP.DNSName].IPV4Address
            $DHCPObject['DCIPv6'] = $CacheAD[$DHCP.DNSName].IPV6Address
        } else {
            $DHCPObject['IsDC'] = $false
            $DHCPObject['IsRODC'] = $false
            $DHCPObject['IsGlobalCatalog'] = $false
            $DHCPObject['DCIPv4'] = $null
            $DHCPObject['DCIPv6'] = $null
        }
        # Check whether the DHCP server registered in AD still resolves in DNS.
        $DNS = Resolve-DnsName -Name $DHCP.DNSName -ErrorAction SilentlyContinue
        if ($DNS) {
            $DHCPObject['IsInDNS'] = $true
            $DHCPObject['DNSType'] = $DNS.Type
        } else {
            $DHCPObject['IsInDNS'] = $false
            $DHCPObject['DNSType'] = $null
        }
        [PSCustomObject] $DHCPObject
    }
}
```

PrzemyslawKlys commented 1 year ago

The idea is - you don't have to run Testimo on DC but on JUMP SERVER in Tier 0. Testimo doesn't require and even discourages using it on DC. But replacing it with something more on AD side would help us drop DHCP requirement I guess.