Get-ADReplicationSite Subnet Values

This topic contains 4 replies, has 4 voices, and was last updated by Profile photo of Jdominioni . Jdominioni . 2 months, 3 weeks ago.

  • Author
    Posts
  • #54119
    Profile photo of Jdominioni .
    Jdominioni .
    Participant

    I've inherited a large AD environment, and I'm trying to find AD sites that have no subnet attached to them. Should be easy, right? First, let's list all our sites:

    (Output examples have irrelevant properties removed for space.)

    PS H:\> Get-ADReplicationSite -Filter * -Properties subnets
    
    DistinguishedName      : CN=Chicago,CN=Sites,CN=Configuration,DC=contoso,DC=com
    Name                   : Chicago
    ObjectClass            : site
    ReplicationSchedule    : 
    Subnets                : {}
    
    
    DistinguishedName      : CN=Detroit,CN=Sites,CN=Configuration,DC=contoso,DC=com
    Name                   : Detroit
    ObjectClass            : site
    ReplicationSchedule    : 
    Subnets                : {CN=10.20.30.0/25,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso,DC=com, 
                              CN=10.40.50.0/24,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso,DC=com...}
    

    Ok, Detroit has subnets assigned to it, while Chicago doesn't. Let's list only those without.

    But here's where it gets weird. None of the following return a single result:

    PS H:\> Get-ADReplicationSite -Filter * -Properties subnets | where-object {$_.subnets -eq $null}
    PS H:\> Get-ADReplicationSite -Filter * -Properties subnets | where-object {$_.subnets -eq "{}"}
    PS H:\> Get-ADReplicationSite -Filter * -Properties subnets | where-object {$_.subnets -like "*{}*"}
    PS H:\> Get-ADReplicationSite -Filter * -Properties subnets | where-object {$_.subnets -notlike "*CN*"}
    ----------------
    PS H:\> Get-ADReplicationSite -Filter * -Properties subnets | where-object {$_.subnets -like "*CN*"} < -- THIS RETURNS RESULTS FOR SITES WITH SUBNETS
    

    I'm guessing the subnet list is built at the time the command is run, as "Get-ADReplicationSite | Get-Member" does not list a property called "subnets," and in ADSIEdit the property is called "siteobjectBL." If one substitutes "siteobjectBL" for "subnets" in the above examples, all results are the same: the Get command shows {} or {CN=10...} accurately, but the Where-Object doesn't match on $null OR the literal string displayed on STDOUT.

    I'm vexed by this. =/ I've been up and down Goog... er, Bing and have found nothing, and on this forum I couldn't find a single hit for any ADReplicationSite cmdlet.

    I appreciate any ideas.

    J

  • #54124
    Profile photo of Rob Simmers
    Rob Simmers
    Participant

    It's most likely an array containing subnet information, which is what the curly brackets indicate that it's a collection. If we create a mock object like so:

    $adSites = @()
    
    $adSites += [pscustomobject]@{
        Name="Site1";
        Subnets = @("CN=10.20.30.0/25,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso,DC=com", "CN=10.40.50.0/24,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso,DC=com")
    }
    
    $adSites += [pscustomobject]@{
        Name="Site2";
        Subnets = @()
    }
    

    it will look similar:

    PS C:\Users\Rob> $adSites
    
    Name  Subnets                                                                                                                                           
    ----  -------                                                                                                                                           
    Site1 {CN=10.20.30.0/25,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso,DC=com, CN=10.40.50.0/24,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso,DC=com}
    Site2 {}       
    

    You should be able to do something like this:

    $adSites | Where{!($_.Subnets)}
    
    #or
    
    $adSites | Where{$_.Subnets.Count -eq 0}
    
    • This reply was modified 2 months, 3 weeks ago by Profile photo of Rob Simmers Rob Simmers.
  • #54126
    Profile photo of Dan Potter
    Dan Potter
    Participant

    You have to expand it.

    Get-ADReplicationSite -Filter * -Properties subnets | ? {($_ |select -ExpandProperty subnets).count -lt 1}

    or equals 0, or notmatch CN

  • #54127
    Profile photo of Olaf Soyk
    Olaf Soyk
    Participant

    This one works in my environment

    Get-ADReplicationSite -Filter * -Property subnets | Where-Object -FilterScript { -not ($_.Subnets)}
  • #54168
    Profile photo of Jdominioni .
    Jdominioni .
    Participant

    Dan,

    The thing that's twisting my noodle is the "where-object {$_.subnets -like "*CN*"}" does match on the contents of the Subnets property without expanding.

    Olaf, Rob,

    Ah, FilterScript. I'd forgotten about that. The "not" method you both suggested is what I'm going with.

    Thank you all for your help! =)

    Jason

You must be logged in to reply to this topic.