Working with DHCP failover information in a Windows Server 2012 environment

In this article, we will discuss about a method to get the information regarding DHCP failover configuration in our domain and the corresponding DHCP servers names (Primary and Secondary). Along with DHCP servers Names, we would also get information such as  Scope ID, Subnet mask, Start and End range. All this data collected would then be appended to a csv file.

A point to be noted here is that prior to windows server 2012, DHCP failover could only be possible in a Windows server based cluster environment, But going further with windows server 2012, DHCP failover can be very easily configured from DHCP console between two nodes. Step-by-Step: Configure DHCP for Failover This link gives a background of what i mentioned here along with some more information. Therefore following discussion will be applicable only for Windows Server 2012 setups or newer.

[threading.thread]::CurrentThread.CurrentCulture = 'en-US'
$CurrentDate = Get-Date -format dddd
$CSVFile = "C:\Dhcp_report_$CurrentDate.csv"
$machines = Get-DhcpServerInDC

"DHCPServer,SecondaryDHCPServer,ScopeName,ScopeID,Subnetmask,Startrange,Endrange" |out-file -FilePath $CSVFile -append

foreach ($machine in $machines)
{
$DHCPName = $machine.dnsname
if ($DHCPName -notin @("server01.company.corp","server02.company.corp")){
$AllScopes = Get-DhcpServerv4Scope -ComputerName $DHCPName
foreach ($scope in $AllScopes)
{
$ScopeName = $scope.Name
$ScopeId = $scope.ScopeId
$failoverscope = Get-dhcpserverv4failover -ComputerName $DHCPName -ScopeId $ScopeId -ErrorAction SilentlyContinue
if ($failoverscope) {
$SecDHCP = ($failoverscope.SecondaryServerName)
}
else {
$SecDHCP = "no failover"
}
$Subnetmask = $scope.subnetmask
$Startrange = $scope.startrange
$Endrange = $scope.endrange
$OutInfo = ($DHCPName).Replace(".company.corp","") + "," + ($SecDHCP).Replace(".company.corp","") + "," +$ScopeName + "," + $ScopeId+ "," + $Subnetmask + "," + $Startrange + "," + $Endrange
Write-Host $OutInfo
Add-Content -Value $OutInfo -Path $CSVFile
}
}
}

DHCP Server Cmdlets in Windows PowerShell will give a full list of powershell commands associated with DHCP.

Alerting if a change of failover is detected

Now with the same commands we shall create another script that will first search for all authorised DHCPs in the domain, then it will sequentially scan through a list of servers to see if they are authorised. Also it will see if their is a change of failover state of dhcp from main DHCP to partner DHCP server. Then it will also check if DHCP services are up and running if the main DHCP server’s failover state is active.

We can even insert a code module for sending mails if an unexpected change of failover state has happened. This script could be scheduled in task scheduler to perform this check regularly to avoid any unwanted changes.

$authdhcps=Get-DhcpServerInDC|select dnsname
$machines = get-content "c:\servers.txt"
foreach ($machine in $machines)
{

if ($authdhcps -match [System.Net.Dns]::GetHostByName("$machine").HostName){
write-host $machine "is authorised dhcp server"
$a=get-dhcpserverv4failover -computername $machine

if ($a.serverrole -eq "Active"){
$p = $a.partnerserver
Write-host "$machine is active and $p is in standby. Now checking DHCP server and client service status."
$dhcpServices = Get-Service -ComputerName $machine -Name *dhcp*

foreach ($dhcpService in $dhcpServices){

if ($dhcpService.Status -eq "Running"){
Start-Service $dhcpService
Write-Host "Starting " $dhcpService.DisplayName " service on $machine"
" ---------------------- "
" Service is now started"
}

else{
Write-Host $dhcpService.DisplayName "service is already started on $machine"
}
}
}
}

else{
write-host $machine "is not authorised dhcp server"
}

else{
Write-host "$machine is standby and now checking if partner server $p is authorised dhcp server"

if ($authdhcps -match [System.Net.Dns]::GetHostByName("$p").HostName){
write-host $p "is authorised dhcp server.Now checking DHCP server and client service status"
$dhcpServices = Get-Service -ComputerName $p -Name *dhcp*

foreach ($dhcpService in $dhcpServices){

if ($dhcpService.Status -eq "Running"){
Start-Service $dhcpService
Write-Host "Starting " $dhcpService.DisplayName " service on $p"
" ---------------------- "
" Service is now started on partner $p"
}

else{
Write-Host $dhcpService.DisplayName "service is already started on partner $p"
}
}
}

else{
write-host $p "is not authorised dhcp server"
}
}
}

Lastly we can see that there are are two ways by which we can get FQDN or DNS name of a server as can be seen in each of the above two scripts.

First is,

$DHCPName = $machine.dnsname

And second will be,

[System.Net.Dns]::GetHostByName("$p").HostName

Another fun thing that can create confusion at many times is that prior to windows server 2012, the service status would be “started” if it is running fine.

Whereas going forward with windows server 2012, the service status would be “running” if it were running.

Please excuse for poor script formatting 🙂

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s