Using the PowerShell Get-DhcpServ4Lease Cmdlet

2016-01-31T12:00:00Z

During the course of normal day-to-day system administration I found on a number of occasions that I had PTR records that would not resolve. I suspected there was an issue with the configuration of the DHCP Server running on our Microsoft AD Domain. My first step was confirming the problem. In doing so, I turned to the Get-DhcpServerv4Lease and Resolve-DnsName PowerShell cmdlets, both of which are available in Windows Server 2012 r2 and Windows 8.1.

First I create an empty array with:

$dnsCheck = @()

The next step is to retreive all of the DHCP leases:

Get-DhcpServerv4Lease -ScopeId "192.168.0.0" -ComputerName <myDnsServer>.<myDomainName>.<myTld>

I then pipe that into a foreach statement:

$dnsCheck = @()
Get-DhcpServerv4Lease -ScopeId "192.168.0.0" -ComputerName <myDnsServer>.<myDomainName>.<myTld> | `
    %{ if($_.HostName){ echo "do stuff" }

If the DHCP lease has a host name, I then create a new PowerShell object with the HostName and MAC Address and add it to the empty array I created at the start of the script:

...
%{ if($_.HostName){
    $dnsCheck += (New-Object PSObject -Property @{
                        HostName = $_.HostName.Split(".")[0]
                        MacAddress = $_.ClientId
}

Then I add two new boolean properties to the PowerShell object, one called "AResolved" which indicates whether the DHCP client can be resolved by a DNS forward lookup (by A or Address record) and a second called "PtrResolved" which indicates whether the DHCP client can be resolved by DNS reverse lookup (by PTR or Pointer Record):

...
$dnsCheck +=    (New-Object PSObject -Property @{
                    HostName = $_.HostName.Split(".")[0]
                    MacAddress = $_.ClientId
                    AResolved = [bool](Resolve-DnsName -Name $_.HostName -Server dun-ad01 -DnsOnly -NoHostsFile -ErrorAction SilentlyContinue)
                    PtrResolved = [bool](Resolve-DnsName -Name $_.IPAddress.IPAddressToString -Server dun-ad01 -DnsOnly -NoHostsFile -ErrorAction SilentlyContinue)
                    }
                }

All that remains is to throw all this together and query the resultant array of PowerShell objects:

$dnsCheck = @()
Get-DhcpServerv4Lease -ScopeId "192.168.0.0" -ComputerName <myDnsServer>.<myDomainName>.<myTld> | `
    %{ if($_.HostName){
        $dnsCheck += (New-Object PSObject -Property @{
                            HostName = $_.HostName.Split(".")[0]
                            MacAddress = $_.ClientId
                            AResolved = [bool](Resolve-DnsName -Name $_.HostName -Server dun-ad01 -DnsOnly -NoHostsFile -ErrorAction SilentlyContinue)
                            PtrResolved = [bool](Resolve-DnsName -Name $_.IPAddress.IPAddressToString -Server dun-ad01 -DnsOnly -NoHostsFile -ErrorAction SilentlyContinue)
                }
            )
        }
    }

$dnsCheck | Where-Object {$_.AResolved -eq $false -or $_.PtrResolved -eq $false} | Select-Object -Property HostName,MacAddress,AResolved,PtrResolved

The result looks something like:

HostName                                        MacAddress                                                                            AResolved                                    PtrResolved
--------                                        ----------                                                                            ---------                                    -----------
wigam                                           08-00-27-73-25-40                                                                         False                                           True
homer                                           08-00-27-44-1c-94                                                                         False                                          False
marge                                           08-00-27-73-25-41                                                                         False                                          False

As you can see, in this example, I have three hosts with missing DNS A records and two hosts with missing DNS PTR records. The problem turned out to be incorrect credentials in the DHCP configuration for applying the DNS Dynamic Updates. Updating these credentials and releasing/renewing the leases on the affected clients resolved the problem.