Troubleshoot connectivity problems with a script that queries three network services
I'm always looking for tools to simplify my job as a systems administrator. Sometimes those administrative tools are available from a third-party vendor; sometimes I need to create them. Many of the tools I create are scripts that run from the command line—nothing fancy, but they do what I need. Learning administrative scripting is crucial because of the limitations of many Windows-based administration tools: Scripting provides customization that prebuilt solutions often can't. (For more information about command-line tools for account management, see "Take Command of Your Management Tasks," February 2001, InstantDoc ID 16426).
I created a script a few years ago that continues to be one of the most helpful pieces of code I've written. I developed the script to help me troubleshoot network connectivity problems because I was tired of manually looking up information about a remote workstation or server in the following network-service databases:
- DHCP server. This server stores IP reservations, assigns dynamic IP addresses, and hands out machine configuration information. The DHCP server database stores the computer name and network adapter media access control (MAC) address of each computer on the network.
- DNS. DNS provides the lookup mechanism for matching a Fully Qualified Domain Name (FQDN) to an IP address.
- WINS. WINS servers resolve NetBIOS names to IP addresses. Windows clients register with WINS servers to share their NetBIOS name, MAC address, and NetBIOS registration information.
Querying all these databases for network information is a time-consuming task. My code uses command-line tools and scripting techniques to create an all-in-one lookup tool that returns information about a specific computer.
The Right Tools for the Job
Three tools let you query the network-services databases: Dhcpcmd, for DHCP; Winscl, for WINS; and Nslookup, for DNS. The first two tools, Dhcpcmd and Winscl, are both available in the Windows NT 4.0 Resource Kit Support Tools at http://www.microsoft.com/ntserver/nts/downloads/recommended/ntkit/default.asp (Winscl is also available with the Microsoft Windows 2000 Resource Kit CD-ROM). Nslookup is included with the Win2K and NT OSs.
My script, netlookup.bat (which Listing 1, page 58, shows), has three major sections, each of which uses one of these tools to perform a lookup of one of the network-services databases. The script then redirects the results of those lookups to a text file that you can display on screen. When you run the script from the command line, you provide as the first parameter the name of the computer about which you want information. For example, to query for information about a machine named Niser, you would type
at the command line. You might want to copy the query tools into one directory or make sure they're part of your system path so that netlookup.bat can easily find them. Also, each utility needs appropriate permissions to access each database.
The code at callout A in Listing 1 defines variables for the temporary files the script uses: dhcpdump stores the results of the DHCP query, lookupresults holds the data gathered during the script's execution, and winsclinput stores the WINS input file.
Using Dhcpcmd to Query DHCP
The code at callout B calls Dhcpcmd to query a specific scope on a specific DHCP server to return the lease information from the database. The generic syntax is
command \[command options\]
Command options range from one that creates subnets to one that adds reservations. The Enumclients command tells the DHCP server to query the database for IP address lease information. Netlookup uses a DHCP server with the IP address 10.0.1.5 configured with the subnet 10.0.1.0. The -h command option displays the MAC address for each computer along with the lease information. Enumclients returns the entry record number in the database, the IP address leased, and the NetBIOS name of the computer. The query returns all the subnet's leases, so the script redirects the Dhcpcmd output to the variable %dhcpdump%, which Netlookup then filters for information about the computer Niser. At callout C, Netlookup uses the Findstr utility, a helpful text patternmatching tool, to search for "Niser" in dhcpdump.txt. The -i tells Findstr to ignore case, and %1 represents the parameter Niser that I specified on the call to Netlookup. The results appear on screen, as follows:
If you have multiple scopes or DHCP servers to search, add them as additional lines in Netlookup. Because the variables Netlookup defines point to text files under the %temp% system variable, you don't have to worry about the location of the Temp directory. In Win2K, %temp% defaults to %userprofile%\Local Settings in the user's profile; in NT, the variable usually points to C:\Temp.
Querying WINS with Winscl
Next, Netlookup searches the WINS database. Winscl is a great tool for looking up information in WINS and an excellent alternative to using the database's time-consuming GUI. When you run Winscl from the command line, the tool prompts you for several responses. Netlookup supplies the responses for you in an answer file embedded in the code at callout D. The code at Callout D echos the header information for the lookupresults file and redirects the text to the Winscl file. Then, Netlookup specifies 1 to tell Winscl that you use TCP/IP (not named pipes) and supplies the NetBIOS name of the WINS server to query. Netlookup then specifies QN (to tell Winscl to query names), %1 to represent the computer name to search for, and 0 to indicate that you don't want to query for specific NetBIOS registrations. Finally, Netlookup uses the EX command to exit the tool.
As it did with the Dhcpcmd results, Netlookup uses Findstr to pick out only the information you need. The code at callout E calls Winscl and Findstr with a pipe symbol between them, which tells the system to run Winscl, then do something with the results. The information you want to filter from the results of Winscl is in two different lines, so Findstr matches two patterns. Two /c switches on the Findstr command pattern-match on text strings that the developer specifies (in this case, Name= and "Address is"). The script redirects the results to lookupresults.txt and adds them to the DHCP query results. Notice the script uses two greater than (>) signs to append the results to the file's existing text. After you run the command, the contents of the lookupresults.txt file appear as follows:
You'll find Winscl a bit clunky, but useful. DNS will replace WINS over time, but until it does, the need to manage and understand WINS is as important as ever.
DNS Queries with Nslookup
The DNS database lookup is the easiest of the three database lookups to perform. Netlookup uses the Nslookup utility to query DNS about the computer name you specified when you called Netlookup. The code at callout F calls Nslookup and adds the results to the lookupresults.txt file.
Ping and Results
After Netlookup collects the network-service information, it pings the remote computer to verify that the IP address is accessible (if the user specified the optional -p switch on the command line). Callout G shows the syntax that provides the optional ping.
After the script completes the DHCP, WINS, and DNS queries, the line of code at callout H displays the results to your screen. You can make the lookupresults.txt file easier to read by adding a descriptive Echo statement before each section of code that queries one of the databases. The script's final lines of code clear the Netlookup files.
When you're trying to determine why you can't connect to a specific computer on your network, you want to do it quickly. Various command-line tools are available for querying DHCP, WINS, and DNS, and when you tie them together with a script such as Netlookup, you have a fast and easy way to acquire the information you need all at once.