A customer of mine needed to check if a specific IP address was within any of the IP range boundaries that was present in ConfigMgr. I did some research on how this could be scripted, and found out that there’s a System.Net.IPAddress class that could be leveraged. The final script that I came up with is able to check if an IP address fall within any boundary, and if it does it returns the boundary description or range value. If the IP address would be within several boundaries, all results will be shown. By designing the script this way, it could also be used to check for overlapping boundaries (thanks to David O’brien for pointing that out to me!)

How to use the script

This script is looking for IP addresses that fall within any of the configured IP range boundaries. At the moment it doesn’t work with Subnet or AD Site boundaries. Save the script from below and call it e.g. Get-IPAddressBoundary.ps1. I’ve saved it to C:\Scripts on my Primary Site server.

1. Open an elevated PowerShell console.
2. Browse to the folder where you saved the script, and run the following command:

.\Get-IPAddressBoundary.ps1 -SiteServer CM01 -IPAddress

Note: Change CM01 and to values that works in your environment.

3. When the above command has been executed, if the script will match an IP range boundary to the entered IP address, it will output either the Description of the boundary or the value of the range.


If no matches was found, the script will output that it didn’t find the IP address to be within any of the configured IP range boundaries.

The script


function Get-CMSiteCode {
    $CMSiteCode = Get-WmiObject -Namespace "root\SMS" -Class SMS_ProviderLocation -ComputerName $SiteServer | Select-Object -ExpandProperty SiteCode
    return $CMSiteCode

$Results = 0
$Boundary = Get-WmiObject -Namespace "root\SMS\site_$(Get-CMSiteCode)" -Class SMS_Boundary -Filter "BoundaryType = 3"
$BoundaryCount = ($Boundary | Measure-Object).Count
if ($BoundaryCount -ge 1) {
    $Boundary | ForEach-Object {
        $BoundaryName = $_.DisplayName
        $BoundaryNameLength = $_.DisplayName.Length
        $BoundaryValue = $_.Value.Split("-")
        $IPStartRange = $BoundaryValue[0]
        $IPEndRange = $BoundaryValue[1]
        $ParseIP = [System.Net.IPAddress]::Parse($IPAddress).GetAddressBytes()
        $ParseIP = [System.BitConverter]::ToUInt32($ParseIP, 0)
        $ParseStartIP = [System.Net.IPAddress]::Parse($IPStartRange).GetAddressBytes()
        $ParseStartIP = [System.BitConverter]::ToUInt32($ParseStartIP, 0)
        $ParseEndIP = [System.Net.IPAddress]::Parse($IPEndRange).GetAddressBytes()
        $ParseEndIP = [System.BitConverter]::ToUInt32($ParseEndIP, 0)
        if (($ParseStartIP -le $ParseIP) -and ($ParseIP -le $ParseEndIP)) {
            if ($BoundaryName.Length -ge 1) {
                $Results = 1
                Write-Output "`nIP address '$($IPAddress)' is within the following boundary:"
                Write-Output "Description: $($BoundaryName)`n"
            else {
                $Results = 1
                Write-Output "`nIP address '$($IPAddress)' is within the following boundary:"
                Write-Output "Range: $($_.Value)`n"
    if ($Results -eq 0) {
        Write-Output "`nIP address '$($IPAddress)' was not found in any boundary`n"
else {
    Write-Output "`nNo IP range boundaries was found`n"


Nickolaj Andersen

Principal Consultant and Enterprise Mobility MVP since 2016. Nickolaj has been in the IT industry for the past 10 years specializing in Enterprise Mobility and Security, Windows devices and deployments including automation. Currently working for TrueSec as a Principal Consultant. Awarded as PowerShell Hero in 2015 by the community for his script and tools contributions. Creator of ConfigMgr Prerequisites Tool, ConfigMgr OSD FrontEnd, ConfigMgr WebService to name a few. Frequent speaker at conferences and user groups.

  • Max E.
    Posted at 15:21 April 15, 2014
    Max E.

    It does not account for multiple SMS Provider’s, and thus fails when more than one SMS Provider exists.

    $CMSiteCode = Get-WmiObject -Namespace “root\SMS” -Class SMS_ProviderLocation -ComputerName $SiteServer | Select-Object -ExpandProperty SiteCode

    • AJ
      Posted at 12:12 November 8, 2016

      Hi, I do get the same error above on the CAS, is there a way to make this script work?

  • DexterPOSH
    Posted at 08:14 July 5, 2014

    Hey Nickolaj,

    I tweaked your script a bit to return back Objects and uploaded it to Technet. Mentioned you as the Author 😉



    • Nickolaj
      Posted at 09:33 July 10, 2014

      Awesome Dexter! Cool stuffs 🙂

  • Kataman
    Posted at 11:27 August 18, 2016

    Not working, nothing happend.

  • Leave a Reply