Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Powershell script to inventory all servers that have IPv6 enabled/disabled

Posted on 2013-01-16
12
Medium Priority
?
2,654 Views
Last Modified: 2013-02-20
IPv6 PS Script
I want to inventory all computers in our AD environment and find out if IPv6 is enabled or not enabled.

I've attached a script and am stuck on disabled.
Can someone add to my script so the column  'disabled' outputs true/false.
Please keep in mind I'm trying to do it with a one-line command as I am learning PS.

thanks
0
Comment
Question by:techgenious
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 41

Expert Comment

by:footech
ID: 38785445
Quick note - often one-liners are a lot more difficult to read and understand than multi-line scripts.
The closest I've seen for this is to use WMI to check what IP addresses are in use and examine them to see if they contain ":".  Possibly could make this a calculated property, but I haven't been able to pull it all together.
Honestly do not know if you can rely on the IPv6Address property from Get-ADComputers since it can return info even when IPv6 isn't enabled.
This the closest I've come up with, using a custom object:
Import-Module ActiveDirectory
$computers = Get-ADComputer -filter *
$out = @()
ForEach ($computer in $computers) 
{
	$custom = New-Object PSObject
	$custom | Add-Member -type NoteProperty -name ComputerName -value $computer.name
	$ipv6 = (gwmi Win32_NetworkAdapterConfiguration -computername "$($computer.name)" | Where {$_.IPEnabled -eq $True} ).IPAddress | Where {$_ -match ":"}
	$custom | Add-Member -type NoteProperty -name IPv6Address -value $ipv6
	$status = ($ipv6 -notmatch ":")
	$custom | Add-Member -type NoteProperty -name Disabled -value $status
	$out += $custom
}
$out

Open in new window

0
 
LVL 41

Expert Comment

by:footech
ID: 38785471
This DOES NOT work (at least not completely), but it's where I was headed with calculated properties.  Just leaving it here to see if it sparks an idea for anyone else (and to show how ridiculous one-liners can get).
Import-Module ActiveDirectory
Get-ADComputer -filter * | Select Name,@{ name = "IPv6Address"; expression = { (gwmi Win32_NetworkAdapterConfiguration -computername "$($_.name)" | Where {$_.IPEnabled -eq $True} ).IPAddress | Where {$_ -match ":"} }}, @{ name = "Disabled"; expression =  { (gwmi Win32_NetworkAdapterConfiguration -computername "$($_.name)" | Where {$_.IPEnabled -eq $True}).Ipaddress | % {($_ -notmatch ":")} } }

Open in new window

0
 

Author Comment

by:techgenious
ID: 38785710
Thanks but being a beginner, let me try your script and see what output I get.
Will it tell me if IPv6 is enabled?

thx
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 41

Expert Comment

by:footech
ID: 38787126
I've never seen a property that you can query directly to determine whether IPv6 is enabled.  The best I know of is to look at a machine's IP addresses, and if one is an IPv6 address, infer that it is enabled.  Test it in your environment with hosts that you know are configured one way or another and see how it works for you.
0
 

Author Comment

by:techgenious
ID: 38795626
Error messageThis is the error message when I run this on a DC and the RPC service is running
0
 
LVL 41

Expert Comment

by:footech
ID: 38795656
You will see this when it can't connect via WMI to the remote machine(s).  What OSes are you running?  Does the firewall configuration on all the remote machines allow inbound WMI traffic?
0
 

Author Comment

by:techgenious
ID: 38796642
Windows Server 2008 R2, the windows firewall is disabled on all machines.
0
 
LVL 41

Accepted Solution

by:
footech earned 1100 total points
ID: 38797388
Hmmm... perhaps if the WMI service wasn't running; also, if DNS records are incorrect.
Here's another version to provide some feedback on current operations.  It may help you with determining what's going on.  Once you've determined a problem machine, best advice I can give is to run the commands individually and start breaking them down to see what might be happening.  For instance, taking (gwmi Win32_NetworkAdapterConfiguration -computername "NameOfProblemComputer" -ea "Stop" | Where {$_.IPEnabled -eq $True} ).IPAddress | Where {$_ -match ":"} and removing the last pipe, then removing the ".ipaddress" property call, and so on.
Import-Module ActiveDirectory
$computers = Get-ADComputer -filter *
$out = @()
ForEach ($computer in $computers) 
{
  $i++
  Write-Progress -activity "Progress Indicator" -status "Testing Connection" -currentOperation "Checking computer ""$($computer.name)"" ($i of $($computers.count))" -percentComplete (($i/$computers.count) * 100)
  If (Test-Connection $($computer.name) -count 2 -quiet )
  {
    Write-Progress -activity "Progress Indicator" -status "Gathering WMI Info" -currentOperation "Checking computer ""$($computer.name)"" ($i of $($computers.count))" -percentComplete (($i/$computers.count) * 100)
    try
    {
      $ipv6 = (gwmi Win32_NetworkAdapterConfiguration -computername "$($computer.name)" -ea "Stop" | Where {$_.IPEnabled -eq $True} ).IPAddress | Where {$_ -match ":"}
      $custom = New-Object PSObject
      $custom | Add-Member -type NoteProperty -name ComputerName -value $computer.name
      $custom | Add-Member -type NoteProperty -name IPv6Address -value $ipv6
      $status = ($ipv6 -notmatch ":")
      $custom | Add-Member -type NoteProperty -name Disabled -value $status
      $out += $custom
    }
    catch { Write-Host "Unable to retrieve info from ""$($computer.name)""" }
  }
  Else { Write-Output "Couldn't ping ""$($computer.name)""" }
}
$out

Open in new window

0
 

Author Comment

by:techgenious
ID: 38797700
Thanks so much for this script:
When I run the script I get this:


  Write-Progress : Cannot validate argument on parameter 'PercentComplete'. The 933 argument is greater than the maximum allowed range of 100.
Supply an argument that is less than or equal to 100 and then try the command again.
At C:\IPV6.ps1:7 char:183
+ ... ercentComplete (($i/$computers.count) * 100)
+                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Write-Progress], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.WriteProgressCommand
 
Write-Progress : Cannot validate argument on parameter 'PercentComplete'. The 933 argument is greater than the maximum allowed range of 100.
Supply an argument that is less than or equal to 100 and then try the command again.
At C:\IPV6.ps1:10 char:185
+ ... ercentComplete (($i/$computers.count) * 100)
+                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Write-Progress], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.WriteProgressCommand
 
Write-Progress : Cannot validate argument on parameter 'PercentComplete'. The 967 argument is greater than the maximum allowed range of 100.
Supply an argument that is less than or equal to 100 and then try the command again.
At C:\IPV6.ps1:7 char:183
+ ... ercentComplete (($i/$computers.count) * 100)
+                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Write-Progress], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.WriteProgressCommand
 
Write-Progress : Cannot validate argument on parameter 'PercentComplete'. The 1000 argument is greater than the maximum allowed range of 100.
Supply an argument that is less than or equal to 100 and then try the command again.
At C:\IPV6.ps1:7 char:183
+ ... ercentComplete (($i/$computers.count) * 100)
+                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Write-Progress], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.WriteProgressCommand
 
Write-Progress : Cannot validate argument on parameter 'PercentComplete'. The 1000 argument is greater than the maximum allowed range of 100.
Supply an argument that is less than or equal to 100 and then try the command again.
At C:\IPV6.ps1:10 char:185
+ ... ercentComplete (($i/$computers.count) * 100)
+                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Write-Progress], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.WriteProgressCommand
0
 
LVL 41

Expert Comment

by:footech
ID: 38797885
Only way that could happen is if $i is greater than the number of computer accounts found by the Get-ADComputers cmdlet.  Add the statement $i = 0 anywhere before line 4 to make sure each time you run the script the count gets reset.
0
 

Author Comment

by:techgenious
ID: 38798662
IPv6 ComponentsI really appreciate this I've learned alot being a complete beginner.

One other question, when it checks disable IPv6 I noticed the components which I need to see if they are enabled or disabled, which is components of IPV6:
-- Tunnel Adapter isatap
-- Tunnel Adapter 6to4 adapter
-- Tunnel adapter Teredo Tunneling Pseudo-Interface


How can I add that into the script to see if they are enabled/disabled?
I need to inventory those components.

many thanks
0
 
LVL 41

Expert Comment

by:footech
ID: 38799497
Sorry, I'm not really sure what you're asking.  I'm not too familiar with the components you mentioned or how they're supposed to factor into the question here.  To my knowledge the components are present on a machine whether IPv6 is configured or not.  Perhaps if you could describe the situation better I could give you a better answer.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question