Ensuring DHCP servers have conflict detection enabled with PowerShell

DHCP servers enable automatic distributions of IP addresses and IP options to client devices. Whether you have implemented Windows DHCP servers or third-party DHCP servers, you must enable conflict detection to avoid leasing out conflicting IP addresses.

The problem if conflict detection is disabled

If conflict detection is not enabled, the DHCP server can lease out an IP address that is already is in use by another device. When conflict detection is enabled, the DHCP Server will ping the IP address in question before it leases out the IP address to another requesting a client device. If the DHCP server receives a reply from the ping, it will mark the IP address as BAD_ADDRESS and will not lease out. Enabling conflict detection on all DHCP servers is recommended to ensure that all devices have a unique IP address so network communication is not halted. In this article, we will provide a PowerShell script that can check the status of all DHCP servers and their conflict detection settings.

dhcp servers
Shutterstock

Requirements

Before you can run the PowerShell script provided below, make sure you meet these requirements:

  • You have installed DHCP PowerShell cmdlets on the computer from where you plan to run the script.
  • You have collected all DHCP server names or IP addresses to be checked by the script and specified in the C:\Temp\DHCPServers.TXT file.
  • All DHCP servers specified in C:\Temp\DHCPServers.TXT file are reachable from the computer from where you plan to run the script.
  • The account you are currently logged on to has permissions to access properties of DHCP servers.

What does the script do?

The PowerShell script performs the following operations:

  • Checks all DHCP servers mentioned in the C:\Temp\DHCPServers.TXT file.
  • Imports DHCP server PowerShell cmdlets into the current PowerShell session.
  • Connects to each DHCP server using Get-DHCPServerSetting and collects the server-side configuration.
  • Checks the conflict detection status and values and then records the output in the C:\Temp\DHCPSettings.CSV file.

Important: The script does not write anything to DHCP servers. The script just executes Get-DHCPServerSetting, which is a read-only command, to gather the required data and provide the results in the CSV file.

PowerShell script

Executing this PowerShell script will generate a report in CSV format. The report file can be found at C:\Temp\DHCPSettings.CSV.

$LocAppDataNow = "C:\Users\Public"
$CurrentLoc="C:\Temp\"
$UniqueTest="DHCPCD"
Import-Module DHCPServer
$TestCSVFile="C:\Temp\DHCPSettings.CSV"
Remove-Item $TestCSVFile -ErrorAction SilentlyContinue
$ThisString="DHCP Server, Conflict Detection Configured?, Value, Final Status"
Add-Content "$TestCSVFile" $ThisString
$DHCPServerFile = "C:\Temp\DHCPServers.TXT"
$AnyGap = "No"
ForEach ($Server in GC $DHCPServerFile)
{
$ThisServerNow = $Server
$TotScopeNotInUse = 0
$TotScopeInUse = 0
$Error.Clear()
$results=Get-DhcpServerSetting -ComputerName $ThisServerNow
IF ($Error.Count -eq 0)
{
$ConfSetting = $results.ConflictDetectionAttempts
IF ($ConfSetting -eq 0)
{
$AnyGap = "Yes"
$STR = $ThisServerNow+",Disabled, 0, Not Ok"
Add-Content $TestCSVFile $STR
}
else
{
$STR = $ThisServerNow+",Enabled,"+$ConfSetting+",Ok"
Add-Content $TestCSVFile $STR
}
}
else
{
$STR = $ThisServerNow+", Error Connecting to DHCP Server"
Add-Content $TestCSVFile $STR
}
}
IF ($AnyGap -eq "Yes")
{
$TestStatus="High"
$TestText="HIGH ISSUE"
}
else
{
$TestStatus="Passed"
$TestText="MEDIUM ISSUE"
}

As you can see in the output below, which was generated by the script, the conflict detection is not enabled on DC2.TechGenix.com and DC3.TechGenix.com DHCP Servers. The script also shows the DHCP servers that have conflict detection enabled and conflict detection value. Once you have the output, you can log on to the DHCP servers and configure the conflict detection settings.

Important: There are many other checks you should perform to keep DHCP servers healthy and operational. The above script was obtained from DynamicPacks IT Scanner, which is capable of doing a complete health assessment of DHCP servers. There are 32 checks performed and each check provides the data and affected settings.

Featured image: Shutterstock

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top