Migrate DHCP Scope(s)

Migrate DHCP KB ID 0001792

Problem

If you have a lot of DHCP scopes, options, or reservations, then manually creating them on your new DHCP servers can be a both a time consuming and tedious process. If only there was an easier way?

Migrate DHCP with Netsh

Below you can see an example, where  I have many scopes and lot’s of settings that would be painful to have to recreate from scratch. This example is on Server 2008 R2,but your source server could be server 2000, (or newer) the export procedure is the same.

Open an administrative command window, and issue the following  command.

[box]

netsh dhcp server export C:\dhcp-export.txt all

[/box]

Now on the source DHCP server I’m stopping and disabling the DHCP SERVER service, you might want to wait until, you are about to authorise the new 2022 DHCP server to minimise downtime, before doing this in production.

Copy the exported text file from the old DHCP server, to the new server.

Migrate DHCP: Install DHCP on Windows Server (via PowerShell)

Open an administrative PoweShell window, and issue the following  command.

[box]

Install-WindowsFeature DHCP -IncludeManagementTools

[/box]

Then import the settings with the following command.

[box]

netsh dhcp server import C:\dhcp-export.txt all

[/box]

Go to Administrative Tools > DHCP > You should see your migrated information in here, the DHCP scopes will be down (because the server has not yet been authorised in AD). Right click the server name, and select Authorise.

Note: At this point ENSURE the old DHCP server has had its DHCP server service stopped and disabled.

Wait a few seconds and then restart the DHCP Server service, (this can be done as shown below).

After a few seconds, the new scopes should be up and getting served.

Related Articles, References, Credits, or External Links

NA

Windows Server – Change a DHCP Scopes Subnet Mask

KB ID 0001177 

Problem

You have probably tried to do this and found he option ‘greyed out’ because in the DHCP management console you can’t change the subnet mask of a scope. 

I needed to change a clients DHCP scope because I was changing their subnet from /24 to /16. I could have simply deleted and recreated the scope, but they has a lot of custom settings for their phone system, and hundreds of reservations (which I know is unusual).

Solution

I wrote an article a long time ago about migrating DHCP scopes, this process uses the same method to take a backup of the scope, then you can edit the subnet mask, and ‘re-import’ the scope again.

First take a backup of the scope, open an administrative command window, and run the following command;

[box]

netsh dhcp server \\”Server name” scope “scope subnet” dump>c\:dhcp.txt
i.e.
netsh dhcp server \\Server-DC01 scope 10.0.0.0 dump >c:\temp\dhcp.txt

[/box]

 

Then open the C:\dhcp.txt file, and locate the subnet mask;

Edit it accordingly, and save the changes.

 

You can now DELETE the live scope, then reimport the one you just edited with the following command;

[box]

netsh exec c:\temp\dhcp.txt 

[/box]

Note: As you can see even when is has successfully import dyou will still see a “The following command was not found d error

On older, (pre Windows Server 2012 machines) use the following syntax instead;

[box]

netsh dhcp server import c:\temp\dhcp.txt all

[/box]

Related Articles, References, Credits, or External Links

NA

Windows – Backing up, Transferring, and Restoring Wireless Network Settings

KB ID 0000626

Problem

If you have a machine setup and working on your wireless network, sometimes it’s easier to set other machines up by simply migrating the settings. Either because you don’t want your child to try and type in a 64 bit WPA key, or you might simply have forgotten the WEP/WPA key,and don’t want to go through all the hassle of setting it up again.

In a small business environment you can give your colleagues their wireless settings in an XML file, or on a USB thumb drive. When using XML files you can even script the deployment of wireless settings to your users.

Solution

Option 1: Export/Import wireless Networks to XML File.

This is quick and easy, and if you are feeling adventurous enough, could be used to script the deployment of wireless networks.

1. On your working wireless machine, open a command window, the following command will list all the wireless profiles that are installed on this machine, )in the example below there is just one).

[box]netsh wlan show profiles[/box]

2. Now we know the name of the profile (Note: Typically it will be the SSID), we can export it to a folder. Be aware if the folder does not exist, the process is liable to fail.

[box]netsh wlan export profile name={profile name} Folder=c:{folder name}[/box]

3. This will produce an XML file, containing the settings.

4. Copy the folder containing your XML file to the destination machine, and issue the following command;

[box]netsh wlan add profile filename=”c:{folder name}{file name}.xml”[/box]

5. Your wireless profile will be restored.

Option 2: Export/Transfer/Import wireless Settings via USB.

1. On the source machine open ‘Control Panel’.

2. Select ‘Network and Sharing Center’.

3. Select ‘Manage wireless networks.

4. Locate the wireless profile you want to migrate, (in the example below there is just one), double click it > select ‘copy this network profile to a USB flash drive’.

5. Assuming you already have a USB drive plugged in, the wizard will detect it > Next.

6. Close.

7. Take the drive to a destination machine, and plug it in, Windows 7 has autorun disabled, with older versions of Windows you can simply choose ‘Connect to wireless network” from the autorun menu. If not open the drive and run the setupSNK.exe file.

8. Yes to confirm.

9. OK to close.

10. Your network is setup and ready to go.

Related Articles, References, Credits, or External Links

NA

Windows – Export / Recover WEP and WPA Wireless Keys

KB ID 0001015 

Problem

If you need to connect to your wireless network with a new machine and have forgotten the key, you can view the WEP or WPA key in cleartext using the following procedure on a machine that has connected before.

Solution

1. First launch PowerShell, ensure you ‘Run as administrator‘.

2. To show all the wireless profiles stored on this machine, issue the following command;

[box]

netsh wlan show profiles

[/box]

3. From the output above, the wireless profile I want the key for, is called SMOGGYNINJA-N. Note: This is the same as the Wireless networks SSID. To view the wireless key in clear text use the following command;

[box]netsh wlan show profiles name=”SMOGGYNINJA-N” key=clear[/box]

You can also export the profile from one PC to another one, (so you don’t have to enter the key on the new PC), with the following two commands.

To Export a Wireless Profile

[box]md c:WiFi
netsh wlan export profile “SMOGGYNINJA-N” folder=c:Wifi [/box]

To Import a Wireless Profile

Copy the WiFi folder you created in the step above, to the new PC/Laptop. Then execute the following command. Note: Change the section in red to match the path to your XML file.

[box]netsh wlan add profile filename=”c:WiFiWi-Fi-SMOGGYNINJA-N.xml” user=current[/box]

Related Articles, References, Credits, or External Links

Hacking Wireless WEP Keys with BackTrack and Aircrack-ng

Exchange – ‘The certificate status could not be determined because the revocation check failed.’

KB ID 0000484 

Problem

Seen on Exchange (with or without service packs) when you access the internet through a proxy server. Note: Exchange does NOT take its proxy settings from Internet Explorer.

Solution

1. To prove that the proxy is the problem drop to command line and issue the following command:

[box]netsh winhttp show proxy[/box]

 

If it says “Direct Access (no proxy server)” and you have a proxy server then that’s your problem.

2. Issue the following command:

[box]netsh winhttp set proxy proxy-server=”http={proxy IP}:{port};https={proxy ip}:{port}” bypass-list=”*.YourDomain.com”[/box]

3. Note: If at this point it all goes wrong (If you get it wrong, then the Exchange Management Console wont open! test it to make sure). To revert back to “no proxy”, issue the following command:

[box]netsh winhttp set proxy proxy-server=”http={proxy IP}:{port};https={proxy ip}:{port}” bypass-list=”*.YourDomain.com”[/box]

You only do this if it’s broken something!!

4. All being well your certificates should now display correctly.

 

Related Articles, References, Credits, or External Links

NA