none
Update DHCP Policy with Mutltiple MAC address values RRS feed

  • Question

  • We have subnets that will have different scope options for same devices on the same VLAN.  So we are using DHCP Policy with MAC Address condition to segregate the scope options.
    For Example we have DHCP policy that will give you TFTP OPTION 150 = 10.0.0.2 for certain MAC Addresses.  Yes these are for CISCO phones.

    Issue #1. 
    When needing to add MAC Addresses to the policy we have two options.  1.  Use the GUI or 2. Powershell
                     
    1. GUI - This is fine for doing 1's 2's ... 5's...6's....  but 10-20-30?? no.
    2. Powershell - This is great way to quickly update the DHCP policy, however SET-DHCPServerV4Policy command OVERWRITE what is in your MAC Address list.  So if you have to add 1 MAC, you need to copy ALL the EXISTING MACS into the powershell command + the new MAC then run the powershell.  If you just run this command with only the new MAC, it will overwrite all the existing MAC values with this 1 new MAC.

    Issue #2.
      Removing a MAC from DHCP Policy -
                    
    1. GUI - Have you guys ever tried to remove a single MAC Address from an UNSORTED List OF 100 MACs??? Good Luck!!!
    2. Powershell - Same situation as above.  There is no remove single MAC command.  We would have to export ALL the MACs, remove the MAC you want removed, the Re-RUN the SET-DHCPSErverV4Policy command with the remaining MACs

    We have many call centers and people switching subnets, Vlans, new hires, fires DAILY... this is becoming an operational nightmare and we are going blind looking at 12 character MAC Addresses all day.
    Does anyone have an efficient way to update MAC Addresses condition in a DHCP Policy???  Please share!!
    Thanks!
    • Edited by Charlie1313 Wednesday, October 4, 2017 12:28 AM
    Wednesday, October 4, 2017 12:24 AM

All replies

  • Hi Charlie1313,

    Based on the specific situation, we need do more researches. If we have any updates or any thoughts about this issue, we will keep you posted as soon as possible. Your kind understanding is appreciated. If you have further information during this period, you could post it on the forum, which help us understand and analyze this issue comprehensively.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Wednesday, October 4, 2017 4:10 AM
  • Thanks Candy.

    I would also like to add that for DHCP Policy with MacAddress condition, you are able to add the same MAC address twice.  There appears to be no checking if MAC address is already part of the condition of the policy.

    Anxiously waiting a solution =)

    Thanks!!!

    C


    -C-

    Thursday, October 5, 2017 2:19 AM
  • Hi Charlie1313,

    SET-DHCPServerV4Policy

    It can used to modify existing policies. For modifying the MAC address prefix based condition of DevicesPolicy to make it applicable to devices of some other manufacturer (which have a different prefix). The existing MAC address based condition will be replaced. The other condition based on the vendor class filed will be retained and logically combined (OR’d) with this new condition.

    Refer to link below:

    https://blogs.technet.microsoft.com/teamdhcp/2012/12/14/dhcp-policies-using-powershell/

    So, I suppose this is the cmdlet: SET-DHCPServerV4Policy behavior. Currently we have no other cmdlets to modify the DHCP server V4 policies. Workaround could be: exporting these MACs to excel then add or remove one of them, reset these policies.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Friday, October 6, 2017 9:42 AM
  • Hi Candy,

    Thanks for the feedback.

    Exporting 100's of MACs into a document can also be challenging.  You have to format them with "," - remove the spaces...etc.  This seems very cumbersome.

    If I have a policy that has 100 MACs and I only need to remove 2, then I have to export 100 MACs to spreadsheet or notepad, then remove the 2 MACs, then run the SET-DHCPServerV4Policy command with the 98 MACs.  As I mention, after exporting the MACs, we still have to format the string properly then insert into the powershell command.

    Ok I have an idea, tell me what you think, it's not pretty but atleast its a little better.

    Export ALL Policies from a DHCP with all MACs.  Create one huge Notepad file.

    Have all the SET commands prepared for each policy with all current MACs.  Then just use this notepad file to copy and paste the powershell command.  If you need to ADD a MAC, just search for the policy and add the MACs to the powershell.  If you need to remove a MAC, search for the MAC using notepad search, remove the MAC and copy the powershell command and run.

    Example: (from real data, my work notes)

    ___________________________________________________________________________________

    Set-DhcpServerv4Policy -Name "New TFTP" -ScopeID 10.140.178.0 -MacAddress EQ,1C17D3367959,7C95F3C8CE7E,285261C408E2,2C0BE9055B6B,34BDC82DB190,3C0E236D5D90,285261C4085A,00425AC75DB5,44E4D9450F0E,1C17D3C2887E,34BDC8C64E9E,285261C408ED,285261C40733,2C0BE9055ABC,64E9502FD140,285261C401E6,00425AC75D9F,285261C4015E,285261C40149,2C0BE9055AAC,346f9017175f, 285261c40869, f8a5c5a005f3, 285261c409f2, 285261c4095b,2c0be90492b2, 285261c4075e, f8a5c5a0353b, 285261c40750, 285261c409db -ComputerName DHCPSERVER1

    Set-DhcpServerv4Policy -Name "New TFTP" -ScopeID 10.140.98.0 -MacAddress EQ,44E4D945004D,346F9016E5AB,44E4D94511F6,44E4D944F500,44E4D94502E0,44E4D9450067,44E4D94487FA,44E4D94504B2,1C1D86C4EAE7,AC7E8A2B3679,1C1D86C4B33E,AC7E8A2B315C,44E4D94486E1,44E4D944F563,285261C409EF,44E4D9450054,2C0BE9054BF3,44E4D94502DF,2C0BE9054C40,AC7E8A2B360C,2C0BE9054D69,2C0BE9054D88,44E4D94503B0,2C0BE9054DC6,2C0BE9054E46,44E4D944888E,44E4D944F649,44E4D944F570,44E4D9448FDE,44E4D944F85F,44E4D9449015,44E4D944901C,44E4D9448C9E,44E4D94488D2,44E4D9450E4C,2C0BE904FD63,1C17D3C28BBF,285261C40762,346F901737F4,2C0BE904FDD9,1C17D3C28DC3,F8A5C5A00616,F8A5C5A006CB,285261C48EED,F8A5C5A0354E,00425AC7F99E,2C0BE904B30D,F47F35A205C1,3C0E236D5FF3,2C0BE9054D89,1C1D862F6FF8,0C6803C1C52F -ComputerName DHCPSERVER1

    Set-DhcpServerv4Policy -Name "New TFTP" -ScopeID 10.68.228.0 -MacAddress EQ,44ADD9D48EEC,F41FC266E9E4,F41FC2676AAE,44ADD9D59A15,F41FC267768A,1C17D3C28D81,F41FC266E71A,F41FC266EDE6,F41FC2676B09,F41FC2676B0C,F41FC2676888,F41FC266F1BE,F41FC266F2B3,F41FC266EEFB,F41FC26761E5,F41FC2676B0B,F41FC26767E4,F41FC2677332,F41FC266EED4,1CAA07E23C4A,44ADD9D50783,F41FC266EBB1,F41FC266EA0A,44ADD9D4B6B0,F41FC266F2AC,44ADD9D58B34,F41FC2676BD8,F41FC2678A5F,1CAA07E23EEE,F41FC266F0D9,F41FC266EA58,1CAA07E23EAB,44ADD9D50546,44ADD9D4C0C7,F41FC266E5C7,F41FC2678C1B,F41FC266ED6B,F41FC2676027,F41FC2676119,F41FC266EF24,F41FC2677324,F41FC266EECA,F41FC266F28B,F41FC266F119,F41FC267691E,44ADD9D4B6D3,F41FC2676A2C,F41FC266E9F4,F41FC266EED9,F41FC2676E91,44ADD9D4929F,44ADD9D4B784,F41FC266F278 -ComputerName DHCPSERVER1

    _________________________________________________________________________________

    So I will create 1 big notepad file with all the policies.  Make modifications on the notepad and just copy and paste to powershell and run.  This is all I can think of right now as the fastest most accurate way. 

    What are your thoughts?

    Thanks
    C


    -C-

    Friday, October 6, 2017 10:48 PM
  • Hi ,

    Sorry for the delayed response.

    >>What are your thoughts?

    It’s  a good idea for our current situation. However, I’d better use spreadsheet rather than txt file.

    Using Excel file we can easy remove space between these MAC addresses via CTRL+F & replace functionality.

    When you export these MAC address, please add this parameter -Delimiter ‘ ,’ at the end of Export-Csv. For instance: Export-Csv -Delimiter ‘,’ -file .\outMAC.csv

    We really have no other better methods for our current scenario.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Monday, October 9, 2017 5:28 AM
  • Hi ,

    Just want to confirm the current situations.

    Please feel free to let us know if you need further assistance.                   

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, October 10, 2017 2:15 AM
  • Yes we are going to use notepad because we are keeping this file on the server.  That way all admins can update it.  It is still many steps.

    Do you know if any scripts for DHCP reservations or similar that we can use and tweak for this process?

    THanks,

    C


    -C-

    Wednesday, October 11, 2017 6:37 PM
  • Hi Charlie1313,

    >>Do you know if any scripts for DHCP reservations or similar that we can use and tweak for this process?

    Sorry ,I didn’t find out any scripts for this currently.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, October 12, 2017 5:58 AM
  • Is there a way to delegate this to another team without giving them full access to DHCP configuration?  We just want another team to have access ONLY to update MAC Address in DHCP Policy... can this be done?

    Thanks

    C


    -C-

    Tuesday, October 17, 2017 10:52 PM
  • Hi Charlie1313,

    >>Is there a way to delegate this to another team without giving them full access to DHCP configuration? 

    I have discussed with my colleague. Based on our research, there is no way to achieve it .

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, October 18, 2017 8:13 AM