Technology Stronghold

PowerShell Workflow to enable or disable IP protocols (IPv4 or IPv6) on network adapters of remote servers

I wrote a very simple PowerShell workflow to solve an issue on one particular environment. The problem was that system administrators thought that it is a good idea to disable IPv6 protocol on all NICs on all servers.

Disabling IPv6 protocol is a very bad practice.

  • This will not disable IPv6.
  • Microsoft does not tests this scenario so a lot of weird things can happen in such environment.

Possibilities

  • It is possible to use the Workflow on local server or against multiple remote servers (parallel processing).
  • It is possible to get only a report of the current status. You should do that before you do enable or disable action.
  • It is possible to enable or disable IPv4 or IPv6 (I hope you will never use it do disable IPv6) or to enable all IP protocols

Examples

Get report for all servers in the specified OU

$servers = Get-ADComputer `
    -Filter * `
    -SearchBase 'OU=Servers,OU=Contoso headquarters,DC=ad1,DC=contoso,DC=com' |
    Select-Object -ExpandProperty Name

Set-VNetAdapterIPProtocol `
    -Process Report -PSComputerName $servers | Out-GridView

Enable all IP protocols on the specified servers and export results

Set-VNetAdapterIPProtocol `
    -Process EnableIPv4andIPv6 `
    -PSComputerName cont2test0, cont2test1, cont2test2 | Export-Csv `
        -Path C:\Temp\MyReport.csv `
        -Delimiter "`t" `
        -Encoding UTF8 `
        -NoTypeInformation

Code

Workflow Set-VNetAdapterIPProtocol
{
    <#
    .SYNOPSIS
        Report or modify status (enabled or disabled) of IP protocol (IPv4 or IPv6) on a single device or on multiple (in parallel).

    .DESCRIPTION
        Developer
            Developer: Rudolf Vesely, http://rudolfvesely.com/
            Copyright (c) Rudolf Vesely. All rights reserved
            License: Free for private use only

            "V" is the first letter of the developer's surname. The letter is used to distingue Rudolf Vesely's cmdlets from the other cmdlets.

        Description
            Report or modify status (enabled or disabled) of IP protocol (IPv4 or IPv6) on a single device or on multiple (in parallel).

        Requirements
            Developed and tested using PowerShell 4.0.

    .PARAMETER Process
        Action that should be done.

    .EXAMPLE
        'Get report for all servers in the specified OU'
        $servers = Get-ADComputer `
            -Filter * `
            -SearchBase 'OU=Servers,OU=Contoso headquarters,DC=ad1,DC=contoso,DC=com' |
            Select-Object -ExpandProperty Name

        Set-VNetAdapterIPProtocol `
            -Process Report -PSComputerName $servers `
            -Verbose | Out-GridView

    .EXAMPLE
        'Enable all IP protocols on the specified servers and export results'
        Set-VNetAdapterIPProtocol `
            -Process EnableIPv4andIPv6 -PSComputerName cont2test0, cont2test1, cont2test2 `
            -Verbose | Export-Csv `
                -Path C:\Temp\MyReport.csv `
                -Delimiter "`t" `
                -Encoding UTF8 `
                -NoTypeInformation

    .INPUTS

    .OUTPUTS
        System.Management.Automation.PSCustomObject

    .LINK
        https://techstronghold.com/
    #>

    [CmdletBinding(
        DefaultParametersetName = 'Process',
        HelpURI = 'https://techstronghold.com/',
        ConfirmImpact = 'Medium'
    )]

    Param
    (
        [Parameter(
            Mandatory = $false,
            Position = 0,
            ParameterSetName = ''
        )]
        [ValidateSet(
            'Report',
            'EnableIPv4',
            'DisableIPv4',
            'EnableIPv6',
            'DisableIPv6',
            'EnableIPv4andIPv6'
        )]
        [string]$Process = 'Report'
    )

    $ErrorActionPreference = 'Stop'

    InlineScript
    {
        try
        {
            Get-NetAdapter -ErrorAction Stop | ForEach-Object -Process `
            {
                try
                {
                    $ipv4Status = ($_ | Get-NetAdapterBinding -ComponentID 'ms_tcpip').Enabled
                    $ipv6Status = ($_ | Get-NetAdapterBinding -ComponentID 'ms_tcpip6').Enabled

                    if ($ipv4Status -and $Using:Process -eq 'DisableIPv4')
                    {
                        Write-Warning -Message 'Disable: IPv4'
                        $ipv4Status = ($_ | Disable-NetAdapterBinding -ComponentID 'ms_tcpip' -PassThru).Enabled
                    }
                    elseif (!$ipv4Status -and $Using:Process -match 'EnableIPv4|EnableIPv4andIPv6')
                    {
                        Write-Warning -Message 'Enable: IPv4'
                        $ipv4Status = ($_ | Enable-NetAdapterBinding -ComponentID 'ms_tcpip' -PassThru).Enabled
                    }

                    if ($ipv6Status -and $Using:Process -eq 'DisableIPv6')
                    {
                        Write-Warning -Message 'Disable: IPv6'
                        $ipv6Status = ($_ | Disable-NetAdapterBinding -ComponentID 'ms_tcpip6' -PassThru).Enabled
                    }
                    elseif (!$ipv6Status -and $Using:Process -match 'EnableIPv6|EnableIPv4andIPv6')
                    {
                        Write-Warning -Message 'Enable: IPv6'
                        $ipv6Status = ($_ | Enable-NetAdapterBinding -ComponentID 'ms_tcpip6' -PassThru).Enabled
                    }

                    # Return
                    [PsCustomObject]@{
                        ComputerName     = $env:COMPUTERNAME
                        Name             = $interfaceItem.Name
                        Index            = $interfaceItem.ifIndex
                        MacAddress       = $interfaceItem.MacAddress
                        IPv4Status       = $ipv4Status
                        IPv6Status       = $ipv6Status
                        Error            = $false
                        ErrorDescription = $null
                    }
                }
                catch
                {
                    # Return
                    [PsCustomObject]@{
                        ComputerName     = $env:COMPUTERNAME
                        Name             = $interfaceItem.Name
                        Index            = $interfaceItem.ifIndex
                        MacAddress       = $interfaceItem.MacAddress
                        IPv4Status       = $null
                        IPv6Status       = $null
                        Error            = $true
                        ErrorDescription = ('Exception during trial to process network adapter: {0}' -f $_.Exception.Message)
                    }
                }
            }
        }
        catch
        {
            # Return
            [PsCustomObject]@{
                ComputerName     = $env:COMPUTERNAME
                Name             = $null
                Index            = $null
                MacAddress       = $null
                IPv4Status       = $null
                IPv6Status       = $null
                Error            = $true
                ErrorDescription = ('Exception during trial to get network adapters: {0}' -f $_.Exception.Message)
            }
        }
    }
}

Rudolf Vesely

, , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

Active Directory Advanced function AlwaysOn Availability Groups AlwaysOn Failover Cluster Instances Building Cloud Cloud Cluster Cmdlet Database Deployment Design DFS Domain Controller DSC Fabric Failover Clustering File Server Group Policy Hardware Profile Host Hyper-V Installation Library Library Asset Library Server Network Operations Manager Orchestrator PowerShell PowerShell User Group PowerShell Workflow Security Service Manager SQL Server Storage System Center Template Time Time Synchronization Tips Virtual Machine Virtual Machine Manager VM Network VM Template Windows Server 2012 R2