A customer of mine needed to check if a specific IP address was within any of the IP range boundaries that was present in ConfigMgr. I did some research on how this could be scripted, and found out that there’s a System.Net.IPAddress class that could be leveraged. The final script that I came up with is able to check if an IP address fall within any boundary, and if it does it returns the boundary description or range value. If the IP address would be within several boundaries, all results will be shown. By designing the script this way, it could also be used to check for overlapping boundaries (thanks to David O’brien for pointing that out to me!)
How to use the script
This script is looking for IP addresses that fall within any of the configured IP range boundaries. At the moment it doesn’t work with Subnet or AD Site boundaries. Save the script from below and call it e.g. Get-IPAddressBoundary.ps1. I’ve saved it to C:\Scripts on my Primary Site server.
1. Open an elevated PowerShell console.
2. Browse to the folder where you saved the script, and run the following command:
.\Get-IPAddressBoundary.ps1 -SiteServer CM01 -IPAddress 192.168.1.20
Note: Change CM01 and 192.168.1.20 to values that works in your environment.
3. When the above command has been executed, if the script will match an IP range boundary to the entered IP address, it will output either the Description of the boundary or the value of the range.
If no matches was found, the script will output that it didn’t find the IP address to be within any of the configured IP range boundaries.
The script
param(
[parameter(Mandatory=$true)]
$SiteServer,
[parameter(Mandatory=$true)]
$IPAddress ) function Get-CMSiteCode { $CMSiteCode = Get-WmiObject -Namespace “root\SMS” -Class SMS_ProviderLocation -ComputerName $SiteServer | Select-Object -ExpandProperty SiteCode return $CMSiteCode } $Results = 0 $Boundary = Get-WmiObject -Namespace “root\SMS\site_$(Get-CMSiteCode)” -Class SMS_Boundary -Filter “BoundaryType = 3” $BoundaryCount = ($Boundary | Measure-Object).Count if ($BoundaryCount -ge 1) { $Boundary | ForEach-Object { $BoundaryName = $_.DisplayName $BoundaryNameLength = $_.DisplayName.Length $BoundaryValue = $_.Value.Split(“-“) $IPStartRange = $BoundaryValue[0] $IPEndRange = $BoundaryValue[1] $ParseIP = [System.Net.IPAddress]::Parse($IPAddress).GetAddressBytes() [Array]::Reverse($ParseIP) $ParseIP = [System.BitConverter]::ToUInt32($ParseIP, 0) $ParseStartIP = [System.Net.IPAddress]::Parse($IPStartRange).GetAddressBytes() [Array]::Reverse($ParseStartIP) $ParseStartIP = [System.BitConverter]::ToUInt32($ParseStartIP, 0) $ParseEndIP = [System.Net.IPAddress]::Parse($IPEndRange).GetAddressBytes() [Array]::Reverse($ParseEndIP) $ParseEndIP = [System.BitConverter]::ToUInt32($ParseEndIP, 0) if (($ParseStartIP -le $ParseIP) -and ($ParseIP -le $ParseEndIP)) { if ($BoundaryName.Length -ge 1) { $Results = 1 Write-Output “`nIP address ‘$($IPAddress)’ is within the following boundary:” Write-Output “Description: $($BoundaryName)`n” } else { $Results = 1 Write-Output “`nIP address ‘$($IPAddress)’ is within the following boundary:” Write-Output “Range: $($_.Value)`n” } } } if ($Results -eq 0) { Write-Output “`nIP address ‘$($IPAddress)’ was not found in any boundary`n” } } else { Write-Output “`nNo IP range boundaries was found`n” }
Does this have to be run on the ConfigMgr server? I am getting an invalid namespace error.
Hi Chaz,
SiteServer parameter needs to the server where the SMS Provder is installed.
Regards,
Nickolaj
Not working, nothing happend.
Hey Nickolaj,
I tweaked your script a bit to return back Objects and uploaded it to Technet. Mentioned you as the Author 😉
https://gallery.technet.microsoft.com/Get-Boundaries-an-5fa3a1c4
Regards,
Dexter
Awesome Dexter! Cool stuffs 🙂
It does not account for multiple SMS Provider’s, and thus fails when more than one SMS Provider exists.
$CMSiteCode = Get-WmiObject -Namespace “root\SMS” -Class SMS_ProviderLocation -ComputerName $SiteServer | Select-Object -ExpandProperty SiteCode
Hi, I do get the same error above on the CAS, is there a way to make this script work?