Use PowerShell to Create IPv4 Scopes on Your DHCP Server
Summary: Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell to create IPv4 scopes on a Windows Server 2012 DHCP server.
Microsoft Scripting Guy, Ed Wilson, is here. As I expected, it is cold, wet, and rainy in Redmond this week. Oh well, the cool thing is getting together with my teammates. The neat thing about Microsoft is that everyone is smart. The bad thing is that, working remotely, I do not get the benefit of spending time with them. So when we have meetings, it is always a great time for breakfast meetings, lunch meetings, dinner meetings, and even evening conversations. Luckily, I brought a nice assortment of tea with me, and believe me, this is great tea weather.
Note This is the fifth article in a series of Hey, Scripting Guy! Blog posts where I talk about using Windows PowerShell to work with Microsoft DHCP servers. I began the series with Use PowerShell to Query AD DS for DHCP Servers, in which I talked about using the Get-ADObject cmdlet to query for DHCP servers. I followed this with Use PowerShell Functions to Authorize DHCP Servers. In this blog post, I talked about using several Windows PowerShell functions from the DHCPServer module. I query for DHCP servers, authorize DHCP servers, and deauthorize DHCP servers in this post. Next, I wrote Weekend Scripter: DHCP Address Conflict Detection in which I talked about making changes to the DHCP server configuration. Yesterday, I wrote Weekend Scripter: Parsing the DHCP Database? No Way! Today’s post builds on these articles, and I recommend you read them in order as I am not level-setting in each article.
Use PowerShell to create DHCP scopes
If I only need to create a single DHCP scope, I will normally use the DHCP tool. After all, I have the Remote Server Admin Tools (RSAT) installed on my laptop running Windows 8, and I even have a custom MMC that contains all of the normal tools I use on a regular basis.
However, if I have more than one DHCP scope to create, I use the Add-DhcpServerv4Scope function to create the scope. In fact, the function is so easy to use, and so fast, that if Windows PowerShell is already open (which on my computer is a given), I can click on the shortcut for my management MMC, switch to Windows PowerShell, and create the DHCP scope before the MMC fully loads and presents the GUI.
In the command that follows, I create a new DHCP scope named bogus scope. I assign an address range of 192.168.5.1 – 192.168.5.100. I use a /24 subnet mask of 255.255.255.0. I also specify the description as ‘created for HSG article’. The name of the DHCP server is WDS1. Here is the command I created to accomplish this task.
Add-DhcpServerv4Scope -Name ‘bogus scope’ -StartRange 192.168.5.1 -EndRange 192.168.5.100 -SubnetMask 255.255.255.0 -Description ‘created for HSG article’ –cn wds1
Well, the MMC has finally made an appearance, so I switch to that to verify the scope is correct. The image that follows illustrates this.
Interestingly enough, I consider it a best practice with DHCP to add the description to the scope. Unfortunately, the default view of the DHCP tool does not display the description property. Instead, I have to right-click the scope, select Properties, and on the General tab on the bottom, I can find the description of the scope. But there is no way, that I know of, to see all scopes, their names, and their descriptions at the same time. This, however, is really easy to do by using Windows PowerShell. I simply select the scopeid, name, and description from the values returned by the Get-DhcpServerv4Scope function. This command and its associated output are shown here.
16:59 C:\> Get-DhcpServerv4Scope -cn wds1 | select scopeid, name, description
ScopeId name description
——- —- ———–
192.168.0.0 lan new lan
192.168.2.0 WireLess Scope for WireLess Devices
192.168.3.0 Autodeploy Scope for WDS
192.168.5.0 bogus scope created for HSG article
Delete a DHCP scope
Deleting a DHCP scope is dangerously easy. All I need to do is to run the Remove-DhcpServerv4Scope function and specify the scope ID. No force, no confirm, no whatever. If I have the rights to do it, Windows PowerShell obliges. Additionally, nothing returns from running the function, as shown here.
Remove-DhcpServerv4Scope -ScopeId 192.168.5.0 -cn wds1
I use the Get-DhcpServerv4Scope function to verify the command works as desired. The following illustrates both the command and the output from the command.
17:01 C:\> Get-DhcpServerv4Scope -cn wds1
ScopeId SubnetMask Name State StartRange EndRange
——- ———- —- —– ———- ——–
192.168.0.0 255.255.255.0 lan Active 192.168.0.40 192.168.0.90
192.168.2.0 255.255.255.0 WireLess Active 192.168.2.50 192.168.2.99
192.168.3.0 255.255.255.0 Autodeploy Active 192.168.3.1 192.168.3…
Best practice when deleting scopes? Use –whatif first!
Ok, so it is really easy to delete DHCP scopes in Windows PowerShell. On a production server, I do not want to get careless and hose my infrastructure. So, as a best practice, I use the –whatif parameter first to ensure that the command does exactly what I think it will do. In the following commands, I re-create my DHCP scope, and then use the –whatif parameter to verify that the command removes the appropriate scope.
PS C:\> Add-DhcpServerv4Scope -Name ‘bogus scope’ -StartRange 192.168.5.1 -EndRange 192.168.5.100 -SubnetMask 255.255.255.0 -Description ‘created for HSG article’ –cn wds1
PS C:\> Remove-DhcpServerv4Scope -ScopeId 192.168.5.0 -cn wds1 -WhatIf
What if: The scope 192.168.5.0 will be removed from server wds1. This scope is active. Any leases present in the scope will also be deleted.
After I verify that the command does what I want it to do, I use the Up Arrow to retrieve the command, and I remove the –whatif switch, as shown here.
PS C:\> Remove-DhcpServerv4Scope -ScopeId 192.168.5.0 -cn wds1
Join me tomorrow when I will talk about more cool Windows PowerShell stuff.
I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at firstname.lastname@example.org, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.
Ed Wilson, Microsoft Scripting Guy