Automating DHCP Scope Option Removal with PowerShell

If you’re managing a large network with multiple DHCP servers, you know how tedious it can be to manually remove DHCP scope options. Fortunately, PowerShell can help automate the process and make network management much more efficient. In this post, we’ll walk you through a PowerShell function that can remove DHCP scope options with just a few lines of code.

The “Remove-DhcpScopeOptions” Function

The “Remove-DhcpScopeOptions” function takes two parameters: the name of the DHCP server and a switch for the “-WhatIf” parameter. The “-WhatIf” parameter allows you to see what the function would do without actually making any changes.

function Remove-DhcpScopeOptions {
  # SupportsShouldProcess supplies the -WhatIf and -Confirm parameters; declaring a
  # separate $WhatIf switch would collide with the built-in common parameter.
  [CmdletBinding(SupportsShouldProcess=$true)]
  param (
    [Parameter(Mandatory=$true)]
    [string]$ComputerName
  )

  # Get all DHCP scopes on the server
  $scopes = Get-DhcpServerv4Scope -ComputerName $ComputerName

  # Get all options for the DHCP server
  $serverOptions = Get-DhcpServerv4OptionValue -ComputerName $ComputerName

  # For each scope, get the options and compare them to the server-level options
  foreach ($scope in $scopes) {
    $scopeOptions = Get-DhcpServerv4OptionValue -ScopeId $scope.ScopeId -ComputerName $ComputerName

    # For each option in the scope, check if it exists at the server level with the same value
    foreach ($option in $scopeOptions) {
      $serverOption = $serverOptions | Where-Object { $_.OptionId -eq $option.OptionId }
      # Value is a string array, so compare the joined values instead of using -eq on the arrays
      if ($null -ne $serverOption -and (($serverOption.Value -join ',') -eq ($option.Value -join ','))) {
        # If the option exists at the server level with the same value, remove it from the scope.
        # ShouldProcess prints the "What if:" message and returns $false when -WhatIf is given.
        if ($PSCmdlet.ShouldProcess("scope $($scope.ScopeId) on DHCP server $ComputerName", "Remove option $($option.OptionId)")) {
          Remove-DhcpServerv4OptionValue -ScopeId $scope.ScopeId -OptionId $option.OptionId -ComputerName $ComputerName -Confirm:$false
        }
      }
    }
  }

  # Replicate the scope configuration to this server's DHCP failover partners
  # (requires a failover relationship; skipped under -WhatIf)
  if ($PSCmdlet.ShouldProcess($ComputerName, 'Replicate scopes to failover partners')) {
    Invoke-DhcpServerv4FailoverReplication -ComputerName $ComputerName -Force
  }
}

How it Works

The “Remove-DhcpScopeOptions” function works by first getting all DHCP scopes on the server using the “Get-DhcpServerv4Scope” cmdlet. It stores the results in the $scopes variable. It then gets all options for the DHCP server using the “Get-DhcpServerv4OptionValue” cmdlet and stores the results in the $serverOptions variable.

For each DHCP scope, the function gets the options using the “Get-DhcpServerv4OptionValue” cmdlet and stores the results in the $scopeOptions variable. It then compares the options in each scope to the server-level options and removes any options that exist at the server level with the same value. Finally, the function replicates the scopes to all DHCP servers in the enterprise.
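
The comparison described above can be checked away from a live server before anything is removed. The following is an added example, not code from the original post: “Find-RedundantScopeOption” is a hypothetical helper name, and the option objects are constructed sample data shaped like “Get-DhcpServerv4OptionValue” output.

```powershell
# Added example (hypothetical helper, not part of the DhcpServer module):
# the redundancy check as a pure function that never touches a DHCP server.
function Find-RedundantScopeOption {
    param (
        [Parameter(Mandatory=$true)][object[]]$ServerOption,
        [Parameter(Mandatory=$true)][object[]]$ScopeOption
    )

    # Index server-level options by OptionId for direct lookup
    $byId = @{}
    foreach ($o in $ServerOption) { $byId[[int]$o.OptionId] = $o }

    foreach ($o in $ScopeOption) {
        $server = $byId[[int]$o.OptionId]
        if ($null -eq $server) { continue }   # no server-level counterpart: keep it

        # Value is an array; compare element by element, order included,
        # because order expresses preference for options such as DNS servers (option 6)
        $same = ($server.Value.Count -eq $o.Value.Count)
        for ($i = 0; $same -and $i -lt $o.Value.Count; $i++) {
            $same = ([string]$server.Value[$i] -ceq [string]$o.Value[$i])
        }
        if ($same) {
            [pscustomobject]@{
                ScopeId  = $o.ScopeId
                OptionId = $o.OptionId
                Name     = $o.Name
                Value    = $o.Value -join ','
            }
        }
    }
}

# Constructed sample data (not taken from a real server)
$serverOptions = @(
    [pscustomobject]@{ OptionId = 6;  Name = 'DNS Servers';     Value = @('10.0.0.10', '10.0.0.11') }
    [pscustomobject]@{ OptionId = 15; Name = 'DNS Domain Name'; Value = @('corp.example') }
)
$scopeOptions = @(
    [pscustomobject]@{ ScopeId = '10.1.0.0'; OptionId = 6;  Name = 'DNS Servers';     Value = @('10.0.0.11', '10.0.0.10') }  # same servers, different order
    [pscustomobject]@{ ScopeId = '10.1.0.0'; OptionId = 15; Name = 'DNS Domain Name'; Value = @('corp.example') }            # same value as server level
    [pscustomobject]@{ ScopeId = '10.1.0.0'; OptionId = 51; Name = 'Lease';           Value = @('691200') }                  # no server-level counterpart
)

Find-RedundantScopeOption -ServerOption $serverOptions -ScopeOption $scopeOptions | Format-Table -AutoSize
```

Feeding the helper the real cmdlet output for each scope, and exporting the result, gives a reviewable change list before the removal function is run.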

Example

Remove-DhcpScopeOptions -ComputerName "dhcpserver01" -WhatIf

Prettify/Format LDAP Queries using PowerShell

When working with LDAP queries in PowerShell, it can be challenging to keep track of all the parentheses and other syntax that’s required. This is especially true for complex queries that include multiple filters and logical operators. Fortunately, there’s a simple PowerShell script that can help make these queries more readable and easier to work with.

Here’s the script:

$ldap = "(&(&(objectCategory=person)(objectClass=user))(lastLogonTimestamp<=128752108510000000)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"

$ldap = $ldap -replace '\(([\&\|\!]+)', "(`$1`n"
$ldap = $ldap.replace(')', ")`n")

$lines = $ldap.split("`n")
$indent = 0
$new_lines = ForEach ($line in $lines) {
    if  ($line -eq ")") {
        $indent--
    }

    ("`t" * $indent) + $line

    if ($line -eq "(&" -or $line -eq "(|" -or $line -eq "(!") {
        $indent++
    }
}

$new_lines

What this script does is take an LDAP query string, such as the one shown above, and format it so that each filter and operator is on its own line with appropriate indentation. This makes it much easier to read and understand the query, especially if it’s a complex one.

To use the script, simply replace the query string in the first line with your own LDAP query. Then, run the script and the formatted query will be output to the console.

By using this script to format your LDAP queries, you’ll save time and reduce errors when working with complex filters and logical operators. Plus, it’s a great way to make your PowerShell scripts more readable and maintainable.

Running the script on the query above results in a nicely formatted query:

(&
	(&
		(objectCategory=person)
		(objectClass=user)
	)
	(lastLogonTimestamp<=128752108510000000)
	(!
		(userAccountControl:1.2.840.113556.1.4.803:=2)
	)
)