Skip to main content

Enabling and Disabling IPv6 in Your Domain

As I teach Windows Server 2012 and Windows 8, I still come across organizations that have disabled IPv6 in their environment for one reason or another.  So the question that I give my classes is “What are you going to do when you require IPv6 for something?”  As these organizations have been disabling IPv6 for years with each new client deployment, they now have hundreds of clients to enable it on.  Just for example, let’s say that we have an organization of 500 clients all in one physical site.  Let’s assume that for one individual to move to a client, get the user to log off, log in and then enable IPv6 is 3 minutes per client.  Yes, I know.  That is an optimistic guess.  Most users make you wait a few more minutes but let’s just roll with it.  It will take 25 hours of manual labor to complete this task.  This is not a good use of your time and a complete waste of company dollars.

In comes PowerShell. If you run the PowerShell command Get-NetAdapterBinding you will find the component ID that we are interested in is ms_tcpip6. Using the following commands, you can both enable and disable IPv6 on all adapters:

Get-NetAdapterBinding | Enable-NetAdapterBinding -ComponentID ms_tcpip6

Get-NetAdapterBinding | Disable-NetAdapterBinding -ComponentID ms_tcpip6

This will perform an Enable/Disable on all interfaces for the local machine.  But what able your environment?  Your network has 500 clients.  I am going to assume that PowerShell remoting has been enabled on all of your clients.  Let’s be clear, this code is not at the robust level that I would prefer it be at.  I generally write my code as functions/cmdlets as opposed to scripts. This code was generated for a Windows Server 2012 R2 class so we will leave the real fun stuff out for now.  For example, the Catch block displays text as opposed to placing the result in an object.  Also my little trick to speed this process up was left out. These are topics for another time.

Here is the code to disable IPv6 in your environment for all online clients.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

$ComputerName = Get-ADComputer -Filter * | Select -ExpandProperty Name

 

ForEach ($C in $ComputerName)

{

    Try

    {

        Write-Host "Connecting to: $C" -ForegroundColor Cyan

        $S = New-PSSession -ComputerName $C -ErrorAction Stop

        Write-Host "Connection established" -ForegroundColor Green

        Invoke-Command -Session $S -ScriptBlock {

        $NICs = Get-NetAdapter | Select -ExpandProperty IfAlias

 

        ForEach ($N in $Nics)

        {

            If ((Get-NetAdapterBinding -InterfaceAlias $N -ComponentID ms_tcpip6).Enabled)

            {

                Disable-NetAdapterBinding -InterfaceAlias $N -ComponentID ms_tcpip6

            }

        }

        }

        $S | Remove-PSSession

    }

    Catch

    {

        Write-Host "Computer $C is not online or Remoting is not enabled" -ForegroundColor Red -BackgroundColor DarkRed

    }

}

 

 

And the code to enable IPv6.

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

$ComputerName = Get-ADComputer -Filter * | Select -ExpandProperty Name

 

ForEach ($C in $ComputerName)

{

    Try

    {

        Write-Host "Connecting to: $C" -ForegroundColor Cyan

        $S = New-PSSession -ComputerName $C -ErrorAction Stop

        Write-Host "Connection established" -ForegroundColor Green

        Invoke-Command -Session $S -ScriptBlock {

        $NICs = Get-NetAdapter | Select -ExpandProperty IfAlias

 

        ForEach ($N in $Nics)

        {

            If (!(Get-NetAdapterBinding -InterfaceAlias $N -ComponentID ms_tcpip6).Enabled)

            {

                Enable-NetAdapterBinding -InterfaceAlias $N -ComponentID ms_tcpip6

            }

        }

        }

        $S | Remove-PSSession

    }

    Catch

    {

        Write-Host "Computer $C is not online or Remoting is not enabled" -ForegroundColor Red -BackgroundColor DarkRed

    }

}

 

 

The two code samples are nearly identical with exception to lines 16 and 18. You may have to run this code multiple times.  I would change the Catch block to report clients that could not be contacted.  That way you can focus the next run on those specific clients.

 

 

Comments

Popular posts from this blog

Adding a Comment to a GPO with PowerShell

As I'm writing this article, I'm also writing a customization for a PowerShell course I'm teaching next week in Phoenix.  This customization deals with Group Policy and PowerShell.  For those of you who attend my classes may already know this, but I sit their and try to ask the questions to myself that others may ask as I present the material.  I finished up my customization a few hours ago and then I realized that I did not add in how to put a comment on a GPO.  This is a feature that many Group Policy Administrators may not be aware of. This past summer I attended a presentation at TechEd on Group Policy.  One organization in the crowd had over 5,000 Group Policies.  In an environment like that, the comment section can be priceless.  I always like to write in the comment section why I created the policy so I know its purpose next week after I've completed 50 other tasks and can't remember what I did 5 minutes ago. In the Group Policy module for PowerShell V3, th

Return duplicate values from a collection with PowerShell

If you have a collection of objects and you want to remove any duplicate items, it is fairly simple. # Create a collection with duplicate values $Set1 = 1 , 1 , 2 , 2 , 3 , 4 , 5 , 6 , 7 , 1 , 2   # Remove the duplicate values. $Set1 | Select-Object -Unique 1 2 3 4 5 6 7 What if you want only the duplicate values and nothing else? # Create a collection with duplicate values $Set1 = 1 , 1 , 2 , 2 , 3 , 4 , 5 , 6 , 7 , 1 , 2   #Create a second collection with duplicate values removed. $Set2 = $Set1 | Select-Object -Unique   # Return only the duplicate values. ( Compare-Object -ReferenceObject $Set2 -DifferenceObject $Set1 ) . InputObject | Select-Object – Unique 1 2 This works with objects as well as numbers.  The first command creates a collection with 2 duplicates of both 1 and 2.   The second command creates another collection with the duplicates filtered out.  The Compare-Object cmdlet will first find items that are diffe

How to list all the AD LDS instances on a server

AD LDS allows you to provide directory services to applications that are free of the confines of Active Directory.  To list all the AD LDS instances on a server, follow this procedure: Log into the server in question Open a command prompt. Type dsdbutil and press Enter Type List Instances and press Enter . You will receive a list of the instance name, both the LDAP and SSL port numbers, the location of the database, and its status.