customer relationships

How To Build An Active Directory Site Inventory Report With PowerShell

If you’re having to deal with hundreds of subnets and multiple Active Directory sites, this PowerShell script will allow you to quickly build an inventory report listing all of your AD sites and subnets.

Building An AD Site Inventory Report

To do this, you’ll first need to ensure you’re either on a Windows Server 2008 R2 (or higher) domain controller or you’re on a domain-joined computer with all of the appropriate permissions to enumerate the AD sites and subnets. I’m going to assume you’re going to be running this script from a domain-joined computer. It’s not good practice to run scripts directly on the domain controller.

In order to query AD from a domain-joined computer you’ll need to download and install the Remote Server Administration Tools if you haven’t already. In RSAT you’ll find the Active Directory module, which we’ll be using various cmdlets from.

Once you’ve got the Active Directory module set up, we’ll first need to figure out how to enumerate all of your sites. To do this, we have a cmdlet called Get-ADReplicationSite that we’ll need to use.

Get-ADReplicationSite -Filter *

Using the Filter parameter with an asterisk allows us to find all of the sites in AD. This is great but doesn’t have any references to the subnets assigned to each site. For that, we’ll need to use the Get-ADReplicationSubnet cmdlet.

Get-ADReplicationSubnet –Filter *

 

You’ll see that I have three subnets each assigned to Sites 1-3. This is perfect because not only does this cmdlet give me the subnets but it also gives me the sites that the subnets are assigned to. We don’t have to use two different cmdlets to find the subnet to site relationships.

What I’d like to see is a nice breakdown of each site and all of the subnets assigned to the site. To get this output, I’m going to first eliminate all of the properties that I don’t want to see and only include the subnet name and the site it’s a part of using Select-Object. Next, since I want to easily see each subnet that’s part of a site I’ll group them all together by site.

Get-ADReplicationSubnet -Filter * | Select-Object Name,site | Group-Object site

 

We’re getting closer! The site name is still in a distinguished name format and the subnets are hidden in that Group property.

Let’s use some calculated properties and build two new properties called Name and Subnets. These will contain just the name of the site along with a list of all subnets associated with that site under the Subnets property.

Get-ADReplicationSubnet -Filter * | select Name,site | group site | select @{Name=’Name’;Expression={$_.Name.Split(‘,’)[0].Trim(‘CN=’)}},@{Name=’Subnets’;Expression={$_.Group.Name}}

If you’ve never used calculated properties before this might look foreign to you so I’ll break it down. Calculated properties allow you to define a hashtable with a custom property name and value. In this instance, I’m using two hashtables to create two properties called Name and Subnets. The values that each of the properties holds is defined by an expression in a scriptblock. For the name property, I’m having to do a little string manipulation using the Split() method to carve out the site name. Since the Group property was another object altogether and Subnets was a property of that, I’m just outputting each of the subnet names of that property for the Subnets property.

With that being said, my output now looks something like this:

 

This looks much better! I hope this PowerShell script comes in handy the next time you have to put together an AD site inventory report.

one click social media designs

Leave a Reply

Your email address will not be published. Required fields are marked *