Solved

Need help with Powershell script to add DHCP scopes to AD Sites

Posted on 2010-11-30
Last Modified: 2012-06-21
We are in the process of changing our entire VLAN/DHCP scope structure. I need to create a script which adds or replaces the existing subnets in Active Directory Sites and Services with the new subnets (listed in an Excel spreadsheet) and adds them to specific sites in ADSS with their respective descriptions.
I am a PowerShell beginner and I have found a script which creates sites (below) which I am trying to adapt to my needs. I need to get this done as soon as possible so I don't have much time to research this. Any help or direction would be appreciated.

Import-Module ActiveDirectory
$siteName = "Default-First-Site-Name"
$configNCDN = (Get-ADRootDSE).ConfigurationNamingContext
$siteContainerDN = ("CN=Sites," + $configNCDN)
$siteDN = "CN=" + $siteName + "," + $siteContainerDN
$siteObj = Get-ADObject -Identity $siteDN -properties "siteObjectBL", "description", "location"
foreach ($subnetDN in $siteObj.siteObjectBL) {
    Get-ADObject -Identity $subnetDN -properties "siteObject", "description", "location"
}
---------------------------------------------------------------------------------
function CreateSite( $strSiteName )
{
    $strSiteRDN = "cn=$strSiteName"
     
    $ADS_PROPERTY_UPDATE = 3
     
    $strConfigurationNC = ([ADSI]"LDAP://RootDSE").configurationNamingContext
    $objSitesContainer = ([ADSI]"LDAP://cn=Sites,$strConfigurationNC")
     
    $objSite = $objSitesContainer.Create("site", $strSiteRDN)
    $objSite.SetInfo()
     
    $objLicensingSiteSettings = $objSite.Create("licensingSiteSettings", "cn=Licensing Site Settings")
    $objLicensingSiteSettings.SetInfo()
 
    $objNtdsSiteSettings = $objSite.Create("nTDSSiteSettings", "cn=NTDS Site Settings")
    $objNtdsSiteSettings.SetInfo()
 
    $objServersContainer = $objSite.Create("serversContainer", "cn=Servers")
    $objServersContainer.SetInfo()
}
0
Question by:jeppolito
20 Comments
 
LVL 27

Accepted Solution

by:
KenMcF earned 2000 total points
ID: 34240179
What does your CSV file look like? I would make it the full distinguished name of the site and subnet, then you could do something like this. This has not been tested, so test first.

To get all the sites and subnets you could use this
# Get-ADObject needs a filter; -Filter * returns everything under the search base
Get-ADObject -Filter * -SearchBase "CN=Sites,CN=Configuration,DC=Domain,DC=Local" | where {$_.objectclass -eq "Subnet"} | select DistinguishedName

Get-ADObject -Filter * -SearchBase "CN=Sites,CN=Configuration,DC=Domain,DC=Local" | where {$_.objectclass -eq "Site"} | select DistinguishedName

------CSV FILE----------
Site,Subnet
"CN=SITE1,CN=Sites,CN=Configuration,DC=Domain,DC=Local","CN=10.1.1.0/24,CN=Subnets,CN=Sites,CN=Configuration,DC=Domain,DC=Local"


$newsubs = import-csv C:\newsubs.csv
Foreach($sub in $newsubs){
get-adobject $sub.subnet -properties * | set-adobject -replace @{siteobject=$sub.site}
}
0
 

Author Comment

by:jeppolito
ID: 34241563
Thanks...I am swamped right now but will answer you as soon as I can. thanks again
                                                                        James
0
 

Author Comment

by:jeppolito
ID: 34242259
OK...my CSV has all of my DHCP scopes (subnets) in one column and their respective site in the second column and descriptions in the third column
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34242312
What is the format, can you post an example?

Are the subnets already defined in AD or do they need created?
0
 

Author Comment

by:jeppolito
ID: 34242669
All the subnets have been created in DHCP already

CSV Example
Column 1           Column 2           Column 3
Subnet              Site                    Description
10.10.1.X          Hulen                 Hulen North Tower, 4th Floor
10.10.2.X          RC                     1200 Campus Dr.
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34242899
ok, so they have not been created in AD then?

are all your subnets the same, for example all /24?

If not you will need to change your csv file to this format
10.10.1.0/24
172.16.30.0/23
0
 

Author Comment

by:jeppolito
ID: 34257410
First, thank you very much for your time and effort, as well as, the education.  I have the subnet mask in a separate column for all the entries.  
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34257518
What masks do you use? Are they all class C 255.255.255.0 or do you have many different ones?
0
 

Author Comment

by:jeppolito
ID: 34259161
There are 1150 subnets; 2 are class B and the rest are class C.
0
 
LVL 27

Assisted Solution

by:KenMcF
KenMcF earned 2000 total points
ID: 34259933
Try this

I have the settings so the heading on the CSV should be

Network,Site,Description,subnet
192.168.1.0,Site1,Site1,255.255.255.0
172.16.20.0,Site2,Site2,255.255.0.0

Also change DC=DOMAIN,DC=LOCAL to your env.



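Import-Module ActiveDirectory
$ips = Import-Csv C:\sites.csv
foreach ($IP in $ips) {
    # Only two masks are handled: 255.255.255.0 becomes /24, anything else becomes /16
    if ($IP.subnet -eq "255.255.255.0") { $mask = "/24" }
    else { $mask = "/16" }
    # Create the site object under CN=Sites
    New-ADObject -Name "$($IP.Site)" -Type site -Description "$($IP.description)" -Path "CN=Sites,CN=Configuration,DC=DOMAIN,DC=LOCAL"
    # Create the subnet object and link it to its site through siteObject.
    # HOMEAD is the poster's lab domain; change it to match your environment.
    # The CSV has no Mask column, so $($IP.Mask) expands to an empty string.
    New-ADObject -Name "$($IP.Network)$Mask" -Type subnet -Description "$($IP.Subnet)/$($IP.Mask)" -OtherAttributes @{siteObject="CN=$($IP.SITE),CN=Sites,CN=Configuration,DC=DOMAIN,DC=LOCAL"} -Path "CN=Subnets,CN=Sites,CN=Configuration,DC=HOMEAD,DC=LOCAL"
}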


0
 

Author Comment

by:jeppolito
ID: 34260797
I have attached abridged copies of my files for you to look at. The first is the ".CSV" I am working from for this import. The second file is the PowerShell script (you need to change the extension from DOC to PS1) in which I changed my domain name. Our domain is listed in the script as "MXXXXXXXC.local".

The only thing I am unclear about is
192.168.1.0,Site1,Site1,255.255.255.0
172.16.20.0,Site2,Site2,255.255.0.0

Attachments: AD-site-import-abridged.doc, sites-abridged.csv
0
 

Author Comment

by:jeppolito
ID: 34260874
One more thing caught my attention. In the script you have, "CN=Subnets,CN=Sites,CN=Configuration,DC=HOMEAD,DC=LOCAL" What is "HOMEAD"?
If I look at the configuration container in ADSIEdit it reads...CN=Configuration,DC=mXXXXXXc,DC=local
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34260895
That should be good. One thing you will need to change in your csv file. I noticed one subnet had a * at the end, this should be removed or it will give an error.
I would either run this in your DEV env or add only a few lines to your CSV and test.
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34260903
HomeAD is my LAB, I tested the script before posting.
0
 

Author Comment

by:jeppolito
ID: 34261781
Ken thank you again for the help and the lesson...I learned a lot just by reviewing the script...hopefully I will be able to provide the same help to someone else in the near future...James
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34261992
Glad I could help, let me know if you have any other questions or problems with this.
0
 

Author Comment

by:jeppolito
ID: 34267025
Good morning Ken,
    I do have a few questions before I test it in Development this morning.  
1.   In the script you have, "CN=Subnets,CN=Sites,CN=Configuration,DC=HOMEAD,DC=LOCAL"   What is "HOMEAD"? And does this need to be changed?
2.   I noticed there is no path to the Sites.Csv file. Should it reside in the same folder as the script or in the root of C:?
3.   Since you are importing the AD Module I assume the script needs to be run on a domain controller (Win2k8)?
4.   If I want to add information to the location field how would I go about this? I assume I could modify the line of script below and add the "Location" field schema name. However I have not found it  as yet.
New-ADObject -Name "$($IP.Site)" -Type site -Description "$($IP.description)" -Path "CN=Sites,CN=Configuration,DC=DOMAIN,DC=LOCAL"
0
 
LVL 27

Assisted Solution

by:KenMcF
KenMcF earned 2000 total points
ID: 34267161
Change HOMEAD to match your environment, that is my lab.

for the sites.csv just change the path to where it is located. I just used the root of C for testing.

You can run this on any R2 or Win7 computer that has the RSAT installed and the proper rights to add sites and subnets.

For location you can add the heading to your CSV and do this

-otherattributes @{'location'=$($IP.location)}
0
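A more defensive version of the import discussed in this thread, as an added example that is not code from any poster: it reads the configuration DN from the directory instead of hard-coding it, rejects malformed rows (such as "10.10.1.X" or a trailing "*") before they reach AD, and supports a dry run. It goes beyond the thread's /24-or-/16 test by converting any contiguous mask; the function names are hypothetical, and the CSV header is assumed to be Network,Site,Description,subnet as above.

```powershell
# Added example, not the thread's code. Function names are hypothetical.
Import-Module ActiveDirectory

function ConvertTo-PrefixLength {
    param([string]$Mask)
    if ($Mask -notmatch '^(\d{1,3}\.){3}\d{1,3}$') { throw "Not a dotted-quad mask: '$Mask'" }
    $bits = -join (([ipaddress]$Mask).GetAddressBytes() |
        ForEach-Object { [Convert]::ToString($_, 2).PadLeft(8, '0') })
    # A valid mask is a run of 1s followed by a run of 0s.
    if ($bits -notmatch '^1*0*$') { throw "Non-contiguous mask: '$Mask'" }
    ($bits -replace '0', '').Length
}

function Import-SiteSubnet {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([Parameter(Mandatory = $true)][string]$CsvPath)

    # Read the configuration partition from the directory instead of typing the DN.
    $sitesDN   = "CN=Sites," + (Get-ADRootDSE).ConfigurationNamingContext
    $subnetsDN = "CN=Subnets,$sitesDN"

    foreach ($row in Import-Csv -Path $CsvPath) {
        try {
            # Reject rows such as "10.10.1.X" or "10.10.1.0*" before they reach AD.
            if ($row.Network -notmatch '^(\d{1,3}\.){3}\d{1,3}$') { throw "bad network value" }
            $null = [ipaddress]$row.Network   # throws if an octet is out of range
            # Site names end up inside a DN and a filter string: allow only safe characters.
            if ($row.Site -notmatch '^[A-Za-z0-9-]+$') { throw "bad site name '$($row.Site)'" }

            $name   = "$($row.Network)/$(ConvertTo-PrefixLength $row.subnet)"
            $siteDN = "CN=$($row.Site),$sitesDN"
            $attrs  = @{ siteObject = $siteDN }
            if ($row.Description) { $attrs.description = $row.Description }

            # Create the site only once, however many subnets point at it.
            if (-not (Get-ADObject -Filter "objectClass -eq 'site' -and name -eq '$($row.Site)'" -SearchBase $sitesDN -SearchScope OneLevel)) {
                New-ADObject -Name $row.Site -Type site -Path $sitesDN -WhatIf:$WhatIfPreference
            }
            # Re-point an existing subnet, otherwise create it.
            $existing = Get-ADObject -Filter "objectClass -eq 'subnet' -and name -eq '$name'" -SearchBase $subnetsDN
            if ($existing) { $existing | Set-ADObject -Replace $attrs -WhatIf:$WhatIfPreference }
            else { New-ADObject -Name $name -Type subnet -Path $subnetsDN -OtherAttributes $attrs -WhatIf:$WhatIfPreference }
        } catch {
            Write-Warning "Skipped '$($row.Network)': $_"
        }
    }
}

# Dry run first; drop -WhatIf once the output looks right.
# Import-SiteSubnet -CsvPath C:\sites.csv -WhatIf
```

Run it from an account delegated rights on the Sites container only, rather than a Domain or Enterprise Admin session, and review the warnings for skipped rows before the real run.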
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34497726
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0
