Thursday, July 23, 2015

Interacting with TCP/IP Through PowerShell PART 3

Interacting with TCP/IP Through PowerShell PART 3


In the previous article in this series, I explained that although the Get-NetIPAddress cmdlet is able to retrieve IPv4 addresses, it is not capable of retrieving other basic IP address configuration information such as the default gateway address or the DNS server address. In order to do that we need to use some different cmdlets.
At the end of my last article, I incorrectly stated that you must use WMI in order to retrieve IP address configuration information. Certainly you can use WMI, and I will show you how to do so. However, it is possible to retrieve IP address configuration information using a normal PowerShell cmdlet. You just can’t do it using the Get-NetIPAddress cmdlet. Instead, you will have to use the Get-NetIPConfiguration cmdlet. As you can see in Figure A, this cmdlet returns the interface alias, the interface index, the interface description, the net profile name (which is usually the domain name), the IP address, the default gateway, and the DNS server. Furthermore, this cmdlet is able to return IPv4 and / or IPv6 information.
Image
Figure A: You can retrieve IP address configuration information using the Get-NetIPConfiguration cmdlet.
On the surface, the screen capture shown above looks really simple and straightforward, but there is more going on here than meets the eye.
To show you what I mean, think back to my previous article when I discussed the Get-NetIPAddress cmdlet. As you will recall, you can use the Get-NetIPAddress cmdlet by itself and PowerShell will provide you with some basic information related to IP address usage. However, there are some attributes that are hidden by default. If you want to see the full list of attributes, you will have to enter Get-NetIPAddress | Select-Object *
So what does all of this have to do with the screen capture shown above? Well, the Get-NetIP Configuration cmdlet works the same way. Well, sort of. Like most PowerShell cmdlets that are based around the Get verb, the Get-NetIPConfiguration cmdlet displays some basic information, but there are some hidden attributes. As was the case with the Get-NetIPAddress command, you can see all of these attributes by appending the pipe symbol (|) and Select-Object *
In all honesty, the full attribute set doesn’t contain much more information than what is shown above. Even so, there are some really interesting things going on with the result set.
To show you what I mean, take a look at Figure B. I start out by entering the Get-NetIPConfiguration cmdlet without any supplementary cmdlets. As you look at the cmdlet’s results, pay attention to the default gateway and the DNS server. Both are IPv4 addresses. Now, take a look at the default gateway and the DNS server addresses when I append the Select-Object cmdlet. Both are blocks of text rather than addresses. So what’s going on here?
Image
Figure B: The Get-NetIPConfiguration cmdlet does not always return the results that you might expect.
To show you what is happening, we will need to focus on a single attribute. Let’s use the IPv4DefaultGateway. Suppose that we enter the following command:
Get-NetIPConfiguration | Select-Object IPv4DefaultGateway
PowerShell returns the following results (at least on my server):
{MSFT_NetRoute (InstanceID = “:8:8:8:9:55?055;7AB;::8;::8;::55;”)}
Obviously the text above looks nothing like an IPv4 address. Even so, forget about what the line above says for a moment. The first clue that something different is going on is that the result is enclosed in braces {}. If you look back at the screen capture above, you will notice that when I entered the Get-NetIPConfiguration cmdlet by itself, none of the results were enclosed in braces. Instead, the results consisted solely of a text string. So why are we seeing braces now? Let’s dig into this a little bit deeper.
To solve the mystery of why we are seeing coded text enclosed in braces, let’s put the Get-Member cmdlet to work. We will do this by entering the following command:
Get-NetIPConfiguration | Get-Member –Name IPv4DefaultGateway
You can see the results of this command in Figure C.
Image
Figure C: This is what happens when we use the Get-Member cmdlet.
As you can see in the figure above, the definition for the IPv4DefaultGateway is listed as ciminstance[]. In other words, the property is based on a CIM Instance.
CIM stands for Common Interface Model. It is based on a standard for describing the structure and behavior of managed resources. When we enter the Get-NetIPConfiguration cmdlet by itself, the cmdlet is smart enough to interpret the CIM data and gives us the information that we want. When we start looking at individual properties such as the IPv4DefaultGateway however, PowerShell shows us the raw CIM data.
OK, that’s great, but what do we do if we need to work with a CIM based value? We obviously can’t select the property from the Get-NetIPConfiguration command.
The solution to this problem is to delve into CIM. It’s actually not that complicated to do. Let me show you how it’s done.
The Common Interface Model is divided into classes and each class is related to a specific aspect of the operating system. Therefore, our first task is to figure out which CIM class is responsible for IP address configuration.
One way that you can accomplish this task is to generate a list of the CIM classes and take an educated guess. To see a list of CIM classes, enter the following command:
(Get-CimClass | Sort-Object –Property CimClassName).CimClassName;
You can see a partial list of the results in Figure D.
Image
Figure D: These are the default CIM class names.
I will save you the trouble of guessing the correct CIM class name and tell you that IP configuration information is controlled by a CIM class named Win32_NetworkAdapterConfiguration.
The next thing that we need to do is to figure out what property names are used within the Win32_NetworkAdapterConfiguration class. To do so, we simply have to look at the Name property for each object in the class. This can be accomplished by using the following commands:
$NetworkAdapterConfigurationClass = Get-CimClass -ClassName Win32_NetworkAdapterConfiguration;
($NetworkAdapterConfigurationClass.CimClassProperties).Name | Sort-Object;
The first line of code defines a variable called $NetworkAdapterConfigurationClass and associated it with the Win32_NetworkAdapterConfiguration class. The second line of code retrieves all of the property names within the class and displays them in alphabetical order. You can see the results in Figure E.
Image
Figure E: These are the property names used within the NetworkAdapterConfiguration class.
As you look at the figure above, you will notice that there is a property named DefaultIPGateway. If we want to display the default gateway then all we have to do is to retrieve the value of this property. Doing so requires us to use the following two lines of code:
$NetworkAdapterConfigurationList = Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration;
$NetworkAdapterConfigurationList | Select-Object -Property DefaultIPGateway
You can see the output from these commands in Figure F. In this case the output is readable text, but the result is still enclosed in braces. The reason for the braces is that the result is part of an array. Microsoft treats the default gateway as an array of values because it is possible for a system to have multiple default gateways.
Image
Figure F: We are able to retrieve the default gateway.

No comments:

Post a Comment