Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Friday, February 13, 2015

Enabling and Disabling IPv6 in Your Domain

As I teach Windows Server 2012 and Windows 8, I still come across organizations that have disabled IPv6 in their environment for one reason or another.  So the question that I give my classes is “What are you going to do when you require IPv6 for something?”  As these organizations have been disabling IPv6 for years with each new client deployment, they now have hundreds of clients to enable it on.  Just for example, let’s say that we have an organization of 500 clients all in one physical site.  Let’s assume that for one individual to move to a client, get the user to log off, log in and then enable IPv6 is 3 minutes per client.  Yes, I know.  That is an optimistic guess.  Most users make you wait a few more minutes but let’s just roll with it.  It will take 25 hours of manual labor to complete this task.  This is not a good use of your time and a complete waste of company dollars.

In comes PowerShell. If you run the PowerShell command Get-NetAdapterBinding you will find the component ID that we are interested in is ms_tcpip6. Using the following commands, you can both enable and disable IPv6 on all adapters:

Get-NetAdapterBinding | Enable-NetAdapterBinding -ComponentID ms_tcpip6

Get-NetAdapterBinding | Disable-NetAdapterBinding -ComponentID ms_tcpip6

This will perform an Enable/Disable on all interfaces for the local machine.  But what able your environment?  Your network has 500 clients.  I am going to assume that PowerShell remoting has been enabled on all of your clients.  Let’s be clear, this code is not at the robust level that I would prefer it be at.  I generally write my code as functions/cmdlets as opposed to scripts. This code was generated for a Windows Server 2012 R2 class so we will leave the real fun stuff out for now.  For example, the Catch block displays text as opposed to placing the result in an object.  Also my little trick to speed this process up was left out. These are topics for another time.

Here is the code to disable IPv6 in your environment for all online clients.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

$ComputerName = Get-ADComputer -Filter * | Select -ExpandProperty Name

 

ForEach ($C in $ComputerName)

{

    Try

    {

        Write-Host "Connecting to: $C" -ForegroundColor Cyan

        $S = New-PSSession -ComputerName $C -ErrorAction Stop

        Write-Host "Connection established" -ForegroundColor Green

        Invoke-Command -Session $S -ScriptBlock {

        $NICs = Get-NetAdapter | Select -ExpandProperty IfAlias

 

        ForEach ($N in $Nics)

        {

            If ((Get-NetAdapterBinding -InterfaceAlias $N -ComponentID ms_tcpip6).Enabled)

            {

                Disable-NetAdapterBinding -InterfaceAlias $N -ComponentID ms_tcpip6

            }

        }

        }

        $S | Remove-PSSession

    }

    Catch

    {

        Write-Host "Computer $C is not online or Remoting is not enabled" -ForegroundColor Red -BackgroundColor DarkRed

    }

}

 

 

And the code to enable IPv6.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

$ComputerName = Get-ADComputer -Filter * | Select -ExpandProperty Name

 

ForEach ($C in $ComputerName)

{

    Try

    {

        Write-Host "Connecting to: $C" -ForegroundColor Cyan

        $S = New-PSSession -ComputerName $C -ErrorAction Stop

        Write-Host "Connection established" -ForegroundColor Green

        Invoke-Command -Session $S -ScriptBlock {

        $NICs = Get-NetAdapter | Select -ExpandProperty IfAlias

 

        ForEach ($N in $Nics)

        {

            If (!(Get-NetAdapterBinding -InterfaceAlias $N -ComponentID ms_tcpip6).Enabled)

            {

                Enable-NetAdapterBinding -InterfaceAlias $N -ComponentID ms_tcpip6

            }

        }

        }

        $S | Remove-PSSession

    }

    Catch

    {

        Write-Host "Computer $C is not online or Remoting is not enabled" -ForegroundColor Red -BackgroundColor DarkRed

    }

}

 

 

The two code samples are nearly identical with exception to lines 16 and 18. You may have to run this code multiple times.  I would change the Catch block to report clients that could not be contacted.  That way you can focus the next run on those specific clients.

 

 

No comments: