A customer of mine needed to check if a specific IP address was within any of the IP range boundaries that was present in ConfigMgr. I did some research on how this could be scripted, and found out that there’s a System.Net.IPAddress class that could be leveraged. The final script that I came up with is able to check if an IP address fall within any boundary, and if it does it returns the boundary description or range value. If the IP address would be within several boundaries, all results will be shown. By designing the script this way, it could also be used to check for overlapping boundaries (thanks to David O’brien for pointing that out to me!)

How to use the script

This script is looking for IP addresses that fall within any of the configured IP range boundaries. At the moment it doesn’t work with Subnet or AD Site boundaries. Save the script from below and call it e.g. Get-IPAddressBoundary.ps1. I’ve saved it to C:\Scripts on my Primary Site server.

1. Open an elevated PowerShell console.
2. Browse to the folder where you saved the script, and run the following command:

.\Get-IPAddressBoundary.ps1 -SiteServer CM01 -IPAddress 192.168.1.20

Note: Change CM01 and 192.168.1.20 to values that works in your environment.

3. When the above command has been executed, if the script will match an IP range boundary to the entered IP address, it will output either the Description of the boundary or the value of the range.

91_1

If no matches was found, the script will output that it didn’t find the IP address to be within any of the configured IP range boundaries.

The script

param(
[parameter(Mandatory=$true)]
$SiteServer,
[parameter(Mandatory=$true)]
$IPAddress
)

function Get-CMSiteCode {
    $CMSiteCode = Get-WmiObject -Namespace "root\SMS" -Class SMS_ProviderLocation -ComputerName $SiteServer | Select-Object -ExpandProperty SiteCode
    return $CMSiteCode
}

$Results = 0
$Boundary = Get-WmiObject -Namespace "root\SMS\site_$(Get-CMSiteCode)" -Class SMS_Boundary -Filter "BoundaryType = 3"
$BoundaryCount = ($Boundary | Measure-Object).Count
if ($BoundaryCount -ge 1) {
    $Boundary | ForEach-Object {
        $BoundaryName = $_.DisplayName
        $BoundaryNameLength = $_.DisplayName.Length
        $BoundaryValue = $_.Value.Split("-")
        $IPStartRange = $BoundaryValue[0]
        $IPEndRange = $BoundaryValue[1]
        $ParseIP = [System.Net.IPAddress]::Parse($IPAddress).GetAddressBytes()
        [Array]::Reverse($ParseIP)
        $ParseIP = [System.BitConverter]::ToUInt32($ParseIP, 0)
        $ParseStartIP = [System.Net.IPAddress]::Parse($IPStartRange).GetAddressBytes()
        [Array]::Reverse($ParseStartIP)
        $ParseStartIP = [System.BitConverter]::ToUInt32($ParseStartIP, 0)
        $ParseEndIP = [System.Net.IPAddress]::Parse($IPEndRange).GetAddressBytes()
        [Array]::Reverse($ParseEndIP)
        $ParseEndIP = [System.BitConverter]::ToUInt32($ParseEndIP, 0)
        if (($ParseStartIP -le $ParseIP) -and ($ParseIP -le $ParseEndIP)) {
            if ($BoundaryName.Length -ge 1) {
                $Results = 1
                Write-Output "`nIP address '$($IPAddress)' is within the following boundary:"
                Write-Output "Description: $($BoundaryName)`n"
            }
            else {
                $Results = 1
                Write-Output "`nIP address '$($IPAddress)' is within the following boundary:"
                Write-Output "Range: $($_.Value)`n"
            }
        }
    }
    if ($Results -eq 0) {
        Write-Output "`nIP address '$($IPAddress)' was not found in any boundary`n"
    }
}
else {
    Write-Output "`nNo IP range boundaries was found`n"
}
Nickolaj Andersen
Principal Consultant and Enterprise Mobility MVP. Nickolaj has been in the IT industry for the past 10 years specializing in Enterprise Mobility and Security, Windows deployments and Automation. In 2015 Nickolaj was awarded as PowerShell Hero by the community for his script and tools contributions. Author of ConfigMgr Prerequisites Tool, ConfigMgr OSD FrontEnd, ConfigMgr WebService and a frequent speaker at user groups.

(779)

comments
  • Max E.
    Posted at 15:21 April 15, 2014
    Max E.
    Reply
    Author

    It does not account for multiple SMS Provider’s, and thus fails when more than one SMS Provider exists.

    $CMSiteCode = Get-WmiObject -Namespace “root\SMS” -Class SMS_ProviderLocation -ComputerName $SiteServer | Select-Object -ExpandProperty SiteCode

    • AJ
      Posted at 12:12 November 8, 2016
      AJ
      Reply
      Author

      Hi, I do get the same error above on the CAS, is there a way to make this script work?

  • DexterPOSH
    Posted at 08:14 July 5, 2014
    DexterPOSH
    Reply
    Author

    Hey Nickolaj,

    I tweaked your script a bit to return back Objects and uploaded it to Technet. Mentioned you as the Author 😉

    http://gallery.technet.microsoft.com/Get-Boundaries-an-5fa3a1c4

    Regards,
    Dexter

    • Nickolaj
      Posted at 09:33 July 10, 2014
      Nickolaj
      Reply
      Author

      Awesome Dexter! Cool stuffs 🙂

  • Kataman
    Posted at 11:27 August 18, 2016
    Kataman
    Reply
    Author

    Not working, nothing happend.

  • Leave a Reply