{"id":244,"date":"2014-09-25T15:17:34","date_gmt":"2014-09-25T19:17:34","guid":{"rendered":"http:\/\/adsecurity.org\/?p=244"},"modified":"2014-10-01T21:00:52","modified_gmt":"2014-10-02T01:00:52","slug":"powershell-code-find-active-directory-site-containing-ad-subnet","status":"publish","type":"post","link":"https:\/\/adsecurity.org\/?p=244","title":{"rendered":"PowerShell Code: Find Active Directory Site Containing AD Subnet"},"content":{"rendered":"

Here’s a quick script that returns the site in the Active Directory forest given a subnet (ex. 10.20.30.0).<\/p>\n

Match-Subnet2Site.ps1<\/a><\/p>\n

 <\/p>\n


\nParam
\n(
\n[string]$Subnet
\n)<\/p>\n

$IPSubnetRegEx = '\\b((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|0)\\b'
\n# $IPRegEx = '\\b((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\b'<\/p>\n

IF ($Subnet -match $IPSubnetRegEx)
\n{ Write-Output \"Searching the AD forest for subnet: $Subnet \" }
\nELSE
\n{ Write-Error \"The provided subnet ($Subnet) is not valid. Please enter as follows #.#.#.0 (ex. 10.22.33.0)\" }<\/p>\n

$ADForestName = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest().Name
\n$DomainDNS = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().Name<\/p>\n

$ADSites = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest().Sites
\n$ADSites = $ADSites | sort-Object Name
\n[int]$ADSitesCount = $ADSites.Count
\nWrite-output \"Searching $ADSitesCount AD Sites in $ADForestName `r\"<\/p>\n

[string]$SearchResults = \"Subnet $Subnet could not be found in the current Active Directory forest ($ADForestName)\"
\nForEach ($ADSitesItem in $ADSites)
\n{ ## OPEN ForEach ($ADSitesItem in $ADSites)
\n$ADSitesItemName = $ADSitesItem.Name
\n$ADSitesItemSubnetsCount = $ADSitesItem.Subnets.Count
\nIF ($ADSitesItem.Subnets.Count -gt 1)
\n{ ## OPEN IF ($ADSitesItem.Subnets.Count -gt 1)
\n$ADSitesItemSubnetsArray = $ADSitesItem.Subnets
\nWrite-Verbose \"The site $ADSitesItemName has $ADSitesItemSubnetsCount subnets \"
\nForEach ($ADSitesItemSubnetsItem in $ADSitesItemSubnetsArray)
\n{ ## OPEN ForEach ($ADSitesItemSubnetsItem in $ADSitesItemSubnets)
\n$ADSitesItemSubnets = $ADSitesItemSubnetsItem.Name
\n$ADSitesItemSubnetSite = $ADSitesItemSubnetsItem.Site
\n$ADSitesItemSubnetLocation = $ADSitesItemSubnetsItem.Location
\nWrite-Verbose \"Checking Site $ADSitesItemName subnet $ADSitesItemSubnets\"
\nIF ($ADSitesItemSubnets -like \"*$Subnet*\")
\n{ [string]$SearchResults = \"The subnet $Subnet is configured as part of the AD site $ADSitesItemName ($ADSitesItemSubnetLocation)\" }
\n} ## CLOSE ForEach ($ADSitesItemSubnetsItem in $ADSitesItemSubnets)
\n} ## CLOSE IF ($ADSitesItem.Subnets.Count -gt 1)
\nELSE
\n{ ## OPEN ELSE ($ADSitesItem.Subnets.Count -lt 1)
\n$ADSitesItemSubnets = $ADSitesItem.Subnets[0].Name
\n$ADSitesItemSubnetSite = $ADSitesItem.Subnets[0].Site
\n$ADSitesItemSubnetLocation = $ADSitesItem.Subnets[0].Location<\/p>\n

Write-Verbose \"Checking Site $ADSitesItemName single subnet $ADSitesItemSubnets\"
\nIF ($ADSitesItemSubnets -like \"*$Subnet*\")
\n{ [string]$SearchResults = \"The subnet $Subnet is configured as part of the AD site $ADSitesItemName ($ADSitesItemSubnetLocation)\" }
\n} ## CLOSE ELSE ($ADSitesItem.Subnets.Count -lt 1)<\/p>\n

[array]$ADSitesItemSubnetsArray = $ADSitesItemSubnets -Split(\", \")<\/p>\n

} ## CLOSE ForEach ($ADSitesItem in $ADSites)<\/p>\n

return $SearchResults<\/p>\n

<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"

Here’s a quick script that returns the site in the Active Directory forest given a subnet (ex. 10.20.30.0). Match-Subnet2Site.ps1   Param ( [string]$Subnet ) $IPSubnetRegEx = ‘\\b((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|0)\\b’ # $IPRegEx = ‘\\b((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\b’ IF ($Subnet -match $IPSubnetRegEx) { Write-Output “Searching the AD forest for subnet: $Subnet ” } ELSE { Write-Error “The provided subnet ($Subnet) is not … <\/p>\n

Continue reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[20,88,89,22],"class_list":["post-244","post","type-post","status-publish","format-standard","hentry","category-powershell","tag-activedirectory","tag-adsite","tag-adsubnet","tag-powershellcode","item-wrap"],"_links":{"self":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/244","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=244"}],"version-history":[{"count":5,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/244\/revisions"}],"predecessor-version":[{"id":253,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/244\/revisions\/253"}],"wp:attachment":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=244"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=244"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=244"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}