• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1179
  • Last Modified:

How can I collect info on DHCP lease that are given out

We have several locations behind routers and each is on its own subnet and each has its own Windows 2003 DHCP Server. The DHCP works fine but occassionally I see outside computers have gotten an address from us. Usually an iPhone or the like but sometimes a laptop. How can I get some kind of notification of a lease for PC name that does not match those on our network?
0
LarryDAH
Asked:
LarryDAH
1 Solution
 
JBlondCommented:
Maybe that's what you're looking for!?
http://www.petri.co.il/forums/showthread.php?t=2828

Hope that helps.
0
 
PakaCommented:
You'll have to write a moderately difficult VBScript in order to do this.  The problem is that VBScript cannot directly access the DHCP server so it will have to rely on shelling to the NETSH command to query the DHCP server for the scope.  Attached you'll find an example of how to do this from Robbie Allen's website (I modded it to handle server names).

Once you have the scope info in the script, you'll have to trim out the non-scope stuff (header, etc) until you have the raw scope info.

Next you'll have to do some string comparisons to see if the leasors name doesn't match your naming criteria.  If it doesn't then you can send an email via VBScript to a distribution group on your Exchange server using the code at the following link:

http://www.activexperts.com/activmonitor/windowsmanagement/adminscripts/enterprise/mail/
'From:
'http://techtasks.com/code/viewbookcode/798
'Modded by Paka to cover \\servername format
 
' This code displays the leases for the specified scope
 
' ---------------------------------------------------------------
' From the book "Windows Server Cookbook" by Robbie Allen
' ISBN: 0-596-00633-0
' ---------------------------------------------------------------
 
' ------ SCRIPT CONFIGURATION ------
strScope = "15.0.0.0"
strServer = "dj-dc01"' leave blank for local server
' ------ END CONFIGURATION ---------
 
if strServer <> "" then
  strServer = "\\" & strserver
end if
 
'wscript.echo strServer
strCommand = "netsh dhcp server " & strServer & " scope " & strScope & " show clients"
' command: netsh dhcp server \\<ServerName> scope 10.1.2.0 show clients
 
WScript.Echo "Running command: " & strCommand
set objShell = CreateObject("Wscript.Shell")
set objProc  = objShell.Exec(strCommand)
 
Do
   WScript.Sleep 100
Loop Until objProc.Status <> 0
 
if objProc.ExitCode <> 0 then
   WScript.Echo "EXIT CODE: " & objProc.ExitCode
   WScript.Echo "ERROR: " & objProc.StdErr.ReadAll
end if
 
WScript.Echo "OUTPUT: " & objProc.StdOut.ReadAll

Open in new window

0
 
MiamiCoCommented:
Set leasing IP to only specific MAC address (XX:XX:XX:XX:XX:XX).

DHCP1 will lease IPs only for computers with MAC1, MAC2 ... MAC 10
DHCP2 will lease IPs only for computers with MAC11, MAC12 ... MAC 20
DHCP3 will lease IPs only for computers with MAC21, MAC22 ... MAC 30 etc.

Look here: http://www.petri.co.il/filter-mac-address-windows-server-2008-dhcp-server-callout-dll.htm
..."When a device or computer tries to connect to network, it will first try to obtain an IP Address from any available DHCP Server. When installed, the DHCP Server Callout DLL checks if this device MAC Address is present in known list of MAC addresses configured by administrators. If it is present, the device will be allowed to obtain an IP Address from the DHCP. Otherwise, the device requests will be ignored based on the action configured by administrator."
0
Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
venom96737Commented:
If its an Iphone or a laptop thats getting this sounds like a wireless access point somewhere that doesnt have any encryption on the network.  I would check the routers or any wireless access points you have and either turn off wireless if its not in use or place a strong WPA encryption pass on them if they are in use.
0
 
MiamiCoCommented:
Venom96737  is right, this can be the problem. But almost all access points have DHCP server build in, so turn off DHCP on access points (if there one is), and set filters for this AP (only hardware listed in (MAC address) can be connected to AP). And of course, secure this AP (WPA2).
0
 
LarryDAHAuthor Commented:
This is a start but as it is at the moment it does not work for me but I can play around with it in my spare time.
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now