Auditing Network Adapters with Powershell

Those boring network auditing tasks you have to do are now going to be a breeze with Powershell. With technologies like WMI accessible from Powershell there is virtually no limit to what you can do. I’m going to publish a series of articles showing how Powershell can be used to document your server and network. First here is a Powershell script that can be used to document networking settings on a host.

?View Code POWERSHELL
# Function used for coalesce
function coalesce($param)
{
	if($param -eq $null)
	{
		$param = "<not configured>";
	}
	return $param;
}
 
function appendToFile
{
	param ([string]$computer, [string]$adapterLine);
	$fileName = "C:\$computer" + [string]"_" + [string]"NetworkAdapters.csv";
	# Does the file already exist?
	if(Test-Path $fileName)
	{
		# Append text to file
		Add-Content $fileName $adapterLine | Out-Null;
	}
	else
	{
		# Create the file
		New-Item $fileName -type file | Out-Null
		# Append the headers
		Add-Content $fileName "adapterName,MACAddress,ipAddress,DefaultIPGateway,DHCPEnabled,DHCPServer,DNSDomain" | Out-Null;
		# Append text to file
		Add-Content $fileName $adapterLine | Out-Null;
	}
}
 
# Set computer name here
$computer = "localhost";
# Set to true to show Network adapters with no configured IP address.
$showNoIP = $false;
 
$networkAdapters = (Get-WmiObject -Class win32_networkadapter -computername $computer);
 
foreach($networkAdapter in $networkAdapters)
{
	# Win32_NetworkAdapter properties
	$adapterName = coalesce($networkAdapter.Name);
	$adapterStatus = coalesce($networkAdapter.Status);
	$MACAddress = coalesce($networkAdapter.MACAddress);
 
	# Get the Index of the currrent adapter to retireve its configuration from another WMI class
	$adapterIndex = $networkAdapter.Index;
	$adapterConfig = (Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "Index = $adapterIndex AND ipenabled = 'true'" -computername $computer);
 
	# Win32_NetworkAdapterConfiguration properties
	$ipAddress = coalesce($adapterConfig.IPAddress);
	$DefaultIPGateway = coalesce($adapterConfig.DefaultIPGateway);
	$DHCPEnabled = coalesce($adapterConfig.DHCPEnabled);
	$DHCPServer = coalesce($adapterConfig.DHCPServer);
	$DNSDomain = coalesce($adapterConfig.DNSDomain);
 
	# Display info only for adapters with configured IP addresses
	if($ipAddress -ne "<not configured>" -and $showNoIP -eq $false)
	{
		$adapterLine = "$adapterName,$MACAddress,$ipAddress,$DefaultIPGateway,$DHCPEnabled,$DHCPServer,$DNSDomain";
		appendToFile -computer "$computer" -adapterLine "$adapterLine";
	}
	# Display info for all adapters
	elseif($showNoIP -eq $true)
	{
		$adapterLine = "$adapterName,$MACAddress,$ipAddress,$DefaultIPGateway,$DHCPEnabled,$DHCPServer,$DNSDomain";
		appendToFile -computer "$computer" -adapterLine "$adapterLine";
	}
}

Just change the $computer variable to whichever computer you wish to audit. This will produce a file called <computer name>_NetworkApaters.csv and will contain information similar to;

adapterName MACAddress ipAddress DefaultIPGateway DHCPEnabled DHCPServer DNSDomain
Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter 00:16:44:6F:FF:65 192.168.0.2 192.168.0.1 TRUE 192.168.0.1 <not configured>

The $showNoIP is set to only show adapters configured with TCP/IP. Set this to $true to make the script dump details of all adapters.

It would be fairly trivial to get this script to process a list of computers to document an entire network. I have shown this in other Powershell scripts but will be demonstrating this again in a future post.


Leave a Reply