Finding missing subnets in AD

If you’ve spent some time managing Active Directory, you’ll know how important it is to ensure that all subnets are linked to the appropriate sites in the AD Sites and Services console. Otherwise you may see slow logons or GPO issues in your environment. Using the script below, you can find all subnets that exist in your environment but have not yet been created in AD Sites and Services.

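# Domain controllers whose netlogon.log files will be scanned
$servers = "DC1", "DC2", "DC3", "DC4", "DC5", "DC6"
foreach ($server in $servers) {
    # Read the log over the DC's administrative share
    $lines = Get-Content \\$server\c$\Windows\debug\netlogon.log
    # For very large logs, read only the first 60000 lines instead:
    #$lines = Get-Content \\$server\c$\Windows\debug\netlogon.log | Select-Object -First 60000
    foreach ($line in $lines) {
        # NO_CLIENT_SITE marks a client whose IP matched no subnet defined in AD
        if ($line -match "NO_CLIENT_SITE") {
            # The text after the fourth colon is "<client name> <client IP>"
            $client = $line.Split(":")[4].Trim(" ").Split(" ")[0]
            $ip = $line.Split(":")[4].Trim(" ").Split(" ")[1]
            # Append one record per hit: DC, client name, client IP
            Add-Content -Value "$server '|' $client '|' $ip" -Path C:\No_client_site.txt
        }
    }
}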

You do not need to enable Netlogon debug logging; NO_CLIENT_SITE information is captured in the Netlogon logs by default.
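
The script above writes one record per log entry, so a busy client appears many times and the missing subnets still have to be worked out by hand. The following is an added example, not part of the original post: it de-duplicates client/IP pairs and groups them into candidate subnets. The function name `Get-NoClientSiteSummary`, the /24 grouping, the IPv4-only handling and the sample log lines are assumptions made for illustration.

```powershell
# Constructed sample lines in the NO_CLIENT_SITE format the script above parses.
$sample = @(
    '03/11 08:15:02 [1432] CONTOSO: NO_CLIENT_SITE: WKS-0142 10.20.30.15'
    '03/11 08:15:09 [1432] CONTOSO: NO_CLIENT_SITE: WKS-0142 10.20.30.15'
    '03/11 08:16:44 [2210] CONTOSO: NO_CLIENT_SITE: WKS-0377 10.20.30.87'
    '03/11 08:17:30 [2210] CONTOSO: NO_CLIENT_SITE: LAB-0009 192.168.44.12'
    '03/11 08:18:01 [1432] CONTOSO: NO_CLIENT_SITE: BADHOST 999.1.1.1'
)

# Hypothetical helper: groups unique client/IP pairs into candidate subnets.
function Get-NoClientSiteSummary {
    param(
        [string[]]$Lines,
        [ValidateRange(8, 30)][int]$PrefixLength = 24   # assumed subnet size
    )
    $pattern = 'NO_CLIENT_SITE:\s+(?<client>\S+)\s+(?<ip>\d{1,3}(\.\d{1,3}){3})\s*$'
    $bySubnet = @{}
    foreach ($line in $Lines) {
        if ($line -match $pattern) {
            $client = $Matches['client']
            $ipText = $Matches['ip']
            $ip = $null
            # Skip anything that is not a valid IPv4 address (e.g. octet > 255).
            if (-not [System.Net.IPAddress]::TryParse($ipText, [ref]$ip)) { continue }
            $octets = $ip.GetAddressBytes()
            # Mask each octet with the part of the prefix that covers it.
            $network = for ($i = 0; $i -lt 4; $i++) {
                $bits = [Math]::Max(0, [Math]::Min(8, $PrefixLength - 8 * $i))
                $octets[$i] -band (256 - [int][Math]::Pow(2, 8 - $bits))
            }
            $subnet = '{0}/{1}' -f ($network -join '.'), $PrefixLength
            if (-not $bySubnet.ContainsKey($subnet)) { $bySubnet[$subnet] = @{} }
            # Hashtable keys de-duplicate repeated log entries for one client.
            $bySubnet[$subnet]["$client|$ipText"] = $true
        }
    }
    foreach ($subnet in $bySubnet.Keys) {
        [pscustomobject]@{
            Subnet  = $subnet
            Clients = $bySubnet[$subnet].Count
            Sample  = @($bySubnet[$subnet].Keys | Sort-Object)[0]
        }
    }
}

Get-NoClientSiteSummary -Lines $sample | Sort-Object Clients -Descending | Format-Table -AutoSize
```

To run it on real data, pass the output of `Get-Content` for a DC's netlogon.log as `-Lines`. The candidate subnets can then be compared with the subnets already defined in AD, for example those returned by `Get-ADReplicationSubnet`.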
