Skip to content

Monitoring a DHCP-server remotely

This entry is in English, since I spent many many days on the web searching for four simple paths to put some files...

But let's just start at the beginning. Have you ever wanted to query a DHCP server for it's scopes remotely? Maybe also list all clients in each scope? Well then wait no longer, netsh to the rescue!
The network shell has many advanced features that are either built in or have to be added as a helper. With netsh you can do an awesome lot of things, including managing your DHCP server. On the server itself the DHCP-helper DHCPMon.dll is loaded by default when you start the net shell. Let's have a quick look at some sample commands:

netsh dhcp server show scope

Yes. It is that simple. This command spits out your scopes for further analysis. Using a scopes IP-Address you can query its clients like this:

netsh dhcp server YourScopeHere show clients 1

I have actually no clue what the argument 1 does, and I could care less, since the list is sufficiently formatted to be put through some regex-matches and replaces. This way you can e.g. save an arraylist of clients to manage their SCCM membership state or whatever rocks your boat.

But now, you can't just log on to your DHCP server and call some script all day long, especially not if the server is productive and the script is run under the administrator's account. That's just wrong. On so many levels.

My quest for managing a DHCP server remotely began because I wanted to filter my leases for specific hostnames. For obvious security reasons this had to be done impersonating a service account. If you are an administrator for a larger company this is most likely a requirement for you and your scripts as well.

The net shell actually offers the option of connecting to a DHCP server remotely like this:


This technique sadly suffers from some limitations when trying to query a DHCP server. Be it because of a restrictive firewall policy or some other setting that causes this the remotely accessed net shell does not return any output. You are most likely not even receiving any output when you type a question mark. I have not researched this phenomenon as I already squandered countless hours on troubleshooting and wanted to get stuff done.

The solution I finally stumbled upon was actually quite simple. Install another DHCP server ;-) Stupid as it sounds, doing so at least gave me the standard paths for all files net shell needed and since I wanted to insert discovered clients into a database anyway I also had a server installation to begin with. The rest (after removing the DHCP server role...) was just copy and paste. If you are trying to get some DHCP server to spill its beans on a standard client - maybe even a corporate client machine restricted by a crapload of policies - you should install the Remote Server Admin Tools instead.

The tools also contain the DLL-File DHCPmon.dll (32 an 64 Bit) as well as the corresponding DHCPmon.dll.mui-Files. Please don't bother understanding why Microsoft decided on irritating all its users with this funny little scheme of putting everything where your would certainly not think it belongs.

64Bit DHCPmon.dll -> %windir%\System32\
32Bit DHCPmon.dll -> %windir%\SysWOW64\
64Bit mui -> %windir%\System32\en-US\
32Bit mui -> %windir%\SysWOW64\en-US\

I really hope that helps all your DHCP server-ish needs!


Keine Trackbacks


Ansicht der Kommentare: Linear | Verschachtelt

Noch keine Kommentare

Die Kommentarfunktion wurde vom Besitzer dieses Blogs in diesem Eintrag deaktiviert.

Kommentar schreiben

Umschließende Sterne heben ein Wort hervor (*wort*), per _wort_ kann ein Wort unterstrichen werden.
Standard-Text Smilies wie :-) und ;-) werden zu Bildern konvertiert.

Kommentare werden erst nach redaktioneller Prüfung freigeschaltet!