Month: February 2019

Microsoft: Manipulating Windows Network Adapter using PowerShell

by Samuel Mitchell, posted in Microsoft, Routing & Switching, windows, Windows server, Wireless

This article is about configuring the network adapter using PowerShell cmdlet:

To get a list of the names of physical network adapter, the following command was used:

Get-NetAdapter -Physical

To get the IP address assigned to the network adapter:

Get-NetIPAddress | Format-Table

To enable/disable the network adapter:

Enable-NetAdapter [-Name] “NetAdapterName”

Disable-NetAdapter [-Name] “NetAdapterName”

Restart-NetAdapter [-Name] “NetAdapterName”

To set dynamic IP address assignment for network adapter:

Set-NetIPAddress -AddressFamily IPv4 -PrefixOrigin Dhcp

To set static IP address for network adapter:

New-NetIPAddress -InterfaceIndex [NetAdapterIndex] -IPAddress 192.168.0.1 -PrefixLength 24 -DefaultGateway 192.168.0.5

Set-NetIPAddress -InterfaceIndex [index] -IPAddress 10.0.0.9 -PrefixLength 24

To set DNS IP address for network adapter:

Set-DnsClientServerAddress -InterfaceIndex 12 -ServerAddresses(“10.0.0.1”,“10.0.0.2”)

Or

Set-DnsClientServerAddress -InterfaceIndex 12 -ResetServerAddresses

For more commands and help on this topic, you can visit the Microsoft documentation site here.

Manipulating Windows Network Adapter using Network Shell

by Samuel Mitchell, posted in Microsoft, Routing & Switching, windows, Windows server, Wireless

This adventure of configuring the network adapter started when I required admin rights to modify the settings because UAC (User Access Control) was disabled which prevented the prompting of admin privilege. The challenge was that I did not want to log off or switch user account hence I had to resort to using elevated privilege for the command prompt and utilize the network shell.

To get a list of the names of network adapter, the following command was used:

netsh interface show interface

To get the IP address assigned to the network adapter:

netsh interface ipv4 show addresses

To enable/disable the network adapter:

netsh interface set interface name=”NameOfInterface” admin=[ENABLED/DISABLED]

To set dynamic IP address assignment for network adapter:

netsh interface ipv4 set address source=dhcp

To set static IP address for network adapter:

netsh interface ipv4 set address static 10.0.0.9 255.255.255.0 10.0.0.1

To set DNS IP address for network adapter:

netsh interface ipv4 set dnsservers source=dhcp

Or

netsh interface ipv4 set dnsservers static 10.0.0.10 primary

For WLAN network adapter:

netsh wlan show interfaces

Show the Wireless networks broadcasting:

netsh wlan show networks

Show the WLAN profiles on computer:

netsh wlan show profiles

Connect to one of the WLAN profile configured on computer:

netsh wlan connect name=[ProfileName]

Disconnect from the currently connected WLAN SSID

network wlan disconnect name=[InterfaceName]

For more commands and help on this topic, you can visit the Microsoft documentation site here.

Manipulating the DHCP Server using Powershell

by Samuel Mitchell, posted in Microsoft, windows, Windows server

This article will go through the cmdlet to successfully configure DHCP services on a Windows server using Powershell.

Firstly you can start a Powershell session on the DHCP server using the following command: It will prompt for the credential using the Get-Credential command.

Enter-PSSession -ComputerName [DHCPServerName] -Credential (Get-Credential)

Create an IPv4 DHCP Scope for 10.10.10.0 name Ground Floor with range 10-200 on server DC1.domain.com

Add-DhcpServerv4Scope -StartRange “10.10.10.10” -EndRange “10.10.10.200” -SubnetMask “255.255.255.0”-Name “Ground Floor” LeaseDuration [day.hrs:mins:secs]-ComputerName “DC1.domain.com” -Description “Subnet for Data VLAN on Ground Floor” -State [Active/InActive]

Configure the Scope 10.10.10.0 DHCP server DNS, Domain, Gateway, WINS and wpad settings

Add-DhcpServerv4OptionValue -ScopeId 10.10.10.0 -Router 10.10.10.1 -DnsDomain “domain.com” -DnsServer 10.10.10.250 WinsServer 10.10.10.251 -Wpad http://proxy.domain.com/wpad.dat” -ComputerName “DC1.domain.com”

Note: To configure the options above at the reservation level replace the parameter ReservedIP and for setting it at the server level, exclude both ReservedIP and ScopeId parameters.

Show the DHCP server IPv4 Scope

Get-DhcpServerv4Scope [-ComputerName “DC1.domain.com”] [[-ScopeId] 10.10.10.0]

Change a DHCP Server Scope Settings

Set-DhcpServerv4Scope [-Type [DHCP|Bootp|Both]] [-ScopeId] 10.10.10.0 [-Description Scope for data vlan for 10.10.10.0“] [-LeaseDuration day.hrs:mins:secs] [-Name “Ground Floor”]  [-ComputerName “DC1.domain.com”]  -StartRange 10.10.0.20  -EndRange 10.10.10.200

Remove a DHCP server IPv4 Scope

Remove-DhcpServerv4Scope [-ScopeId] 10.10.10.0 [-Force] [-ComputerName “DC1.domain.com”]

 

Create a reservation for IP address 10.10.10.100 on DHCP server DC1.domain.com

Add-DhcpServerv4Reservation -ScopeId 10.10.10.0 -IPAddress 10.10.10.100 -ClientId [usually-MAC-address] -ComputerName DC1.domain.com -Description “Reservation for Kiosk PC”

Listing the DHCP Server Scope

Get-DhcpServerv4Scope -ComputerName [DHCPServerName] -ScopeId [IPAddress]

Get the List of DHCP Server Options

Get-DhcpServerv4OptionValue -ScopeId [IPAddress][-All -Brief] -ReservedIP [SpecificIP]

Note: Exclude the ReservedIP parameter to list the values at the scope level and exclude ScopeId parameter to list the values at the server level.

Get the interface and IP address that the DHCP server service is bound

Get-DhcpServerv4Binding -ComputerName “DC1.domain.com”

Set the interface that the DHCP server service will be bound

Set-DhcpServerv4Binding -ComputerName “DC1.domain.com” -BindingState $true -InterfaceAlias “Wired Ethernet Connection”

Set the Boot server Host Name (option id ) for the DHCP server scope of 192.168.0.0 

Set-DhcpServerv4OptionValue -OptionId 3 -Value 192.168.0.1 -ScopeId 192.168.0.0

List the DHCP server IPv4 address lease

Get-DhcpServerv4Lease -ScopeId 10.10.10.0 [-IPAddress 10.10.10.25] [ClientId 00-00-fe-3e-b0-01] [-BadLeases] [-AllLeases] -ComputerName “DC1.domain.com”

Note: Using the IPAddress parameter return lease for specific IP address. Using the ClientId parameter returns only lease for client mac. Using the BadLeases returns only bad leases. Using the AllLeases parameter includes all leases including Offered, Declined and Expired.

 

Removing a DHCP server IPv4 address lease

Remove-DhcpServerv4Lease -ScopeId 10.10.10.0 [-IPAddress 10.10.10.25] -ClientId [00-54-fe-ed-00] [-BadLeases] [-ComputerName “DC1.domain.com”]

Note: same rule applies as the Get cmdlet for this command.

Get ten (10) Free IP Address from the DHCP server from the scope 10.10.10.0 in the range 10.10.10.50-100

Get-DhcpServerv4FreeIPAddress -ScopeId 10.10.10.0 -NumAddress 10 -StartAddress 10.10.10.50 -EndAddress 10.10.10.100

Add a DHCP Scope of IPv4 Excluded Range

Add-DhcpServerv4ExclusionRange [-ComputerName “DC1.domain.com“] [-ScopeId] 10.10.10.0 [-StartRange] 10.10.10.200 [-EndRange] 10.10.10.250

Show the DHCP Scope of IPv4 Address Excluded Range

Get-DhcpServerv4ExclusionRange [-ComputerName “DC1.domain.com“] [[-ScopeId] 10.10.10.0]

Remove an DHCP Scope of IPv4 Address Excluded Range

Remove-DhcpServerv4ExclusionRange [-ComputerName “DC1.domain.com”] [-ScopeId] 10.10.10.0 [[-StartRange] 10.10.10.200] [[-EndRange] 10.10.10.250]

 

Retrieves the DHCP server scope statistics which includes Free, In Use, Reserved, Pending and Percentage in use IP address

Get-DhcpServerv4ScopeStatistics [[-ScopeId] 10.10.10.0] [-ComputerName “DC1.domain.com”] [-Failover]

Using Powershell to manipulate File Server Resource Manager

by Samuel Mitchell, posted in Microsoft, windows, Windows server

This article is to share information on how to use PowerShell to manipulate the File Server Resource Manager (FSRM) which is used to do quota management on a file server.

Setting the FSRM Quota for a shared path

Set-FsrmQuota -Path ‘U:\PathOFShare‘ -Description “Soft Limit set on to 10 GB” -Size 10GB [-SoftLimit] [-Threshold (New-FsrmQuotaThreshold -Percentage 85)] [-Disabled]

Set-FsrmQuota

View the File Server Resource Manager (FSRM) information for a shared path

Get-FsrmQuota -PathU:\UserPAthName

Creating a new FSRM Quota Template

new-FsrmQuotaTemplate -Name “Test” -Threshold (New-FsrmQuotaThreshold -Percentage 85) -Description “Test” -Size 10Gb

New-FsrmFileScreen -Path ”U:\PathToShare” [-Active] -Description “Screen Files for videos and music” -IncludeGroup “Audio and Video Files”

Performing an Offline Domain Join – AD DS

by Samuel Mitchell, posted in Microsoft, windows, Windows server

Provisioning a offline domain joined file for a computer:

  1. Logon to a writeable Domain Controller
  2. Open the command prompt (cmd)
  3. Use command:

Djoin /provision /domain <mydomain.com> /machine <computername> /savefile <filename.txt> /machineou <Computers> /dcname <DC1> /reuse

Joining a computer to the Domain offline:

Djoin /requestodj /loadfile <filename.txt> /windowspath <%windir%> /localos

The computer will restart and when it is up, the computer is on the domain.

Reference: https://technet.microsoft.com/en-us/library/offlinedomain-join-djoin-step-by-step(v=ws.10).aspx

Setting up a Read-only Domain Controller (RODC) using the Staging method

by Samuel Mitchell, posted in Microsoft, Uncategorized, windows, Windows server

In this article, the steps required to setup a Read-only Domain Controller (RODC) for a remote office to authenticate users.

The demonstrataction of this configuration is done using the Active Directory Users and Computers (ADUC) console and performing the same task using Powershell.

The first set of instructions is using Powershell to install the RODC:

Step 1 – Create a normal AD user account

Logon to a writeable Domain Controller and open the Powershell commandline to execute the following commands.

This command is to add a new user account that will perform this task but if a user already exist, this step can be skipped.

New-ADUser -Name Sam -SamAccountName Sam -UserPrincipalName Sam -AccountPassword (Convertto-SecureString -AsPlainText ‘Pa$$w0rd’ -Force)

The command adds user Sam with password and setting the principal name and account to Sam.

Step 2 – Pre-create the Read-only Domain Controller computer account

To pre-create the RODC computer account, run the command below which adds the account to AD. The user account Sam which has no Administrative privileges will be delegated to join the RODC server to the domain.

Add-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName DC-RO -SkipPreChecks -delegatedAdministratorAccountName Sam -DomainNam ‘mydomain.com’ -SiteName Default-First-Site-Name

Let the user run the following Powershell commands on the prospective RODC server which should not be on the domain.

Step 3 – Install the Active Directory Domain Services on the prospective RODC

Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Step 4 – Promote the server to the role of a RODC

Install-ADDSDomainController -DomainName ‘mydomain.com’ -Credential (Get-Credential) -UseExistingAccount

The command will prompt for the delegated account create earlier or the account that was delegated and the Directory Service Restore Mode password (SafeModeAdministratorPassword) to perform this task. Once, the process is completed, the server is going to restart and then the RODC is ready for use.

Reference: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/rodc/install-a-windows-server-2012-active-directory-read-only-domain-controller–rodc—level-200-