New ways to do old things

Networking IT pros in the Windows Server space have been using a number of console applications to perform basic diagnostics for decades. Tools such as Ipconfig, Tracert, and NSlookup are used by IT pros all over the world. The network shell (netsh) is another veritable Swiss Army Knife set of tools to configure and manage Windows networking components.

PowerShell implements a number of cmdlets that do some of the tasks that older Win32 console applications provided. Cmdlets, such as Get-NetIPConfiguration and Resolve-DnsName, are newer alternatives to ipconfig.exe and nslookup.exe.

These cmdlets also add useful functionality. For example, using Test-NetConnection enables you to check whether a host that might block ICMP is supporting inbound traffic on a particular port. ping.exe only uses ICMP, which may be blocked somewhere in the path to the server.

One administrative benefit of using cmdlets rather than older console applications relates to remoting security. With JEA, as discussed in the Implementing Just Enough Administration recipe in Chapter 1, Establishing a PowerShell Administrative Environment, you can constrain a user to only be able to use certain cmdlets and parameter values. In general, cmdlets make it easier for you to secure servers that are open for remoting.

This recipe shows you some of the new cmdlets that are available with PowerShell and Windows Server 2019.

Getting ready

This recipe uses two servers: DC1.Reskit.Org and SRV1.Reskit.Org. DC1 is a domain controller in the Reskit.Org domain and SRV1 is a member server. See the recipe Installing Active Directory with DNS for details on how to set up DC1 as a domain controller. You must run this recipe on SRV1.

How to do it...

  1. Examine two ways to retrieve the IP address configuration (ipconfig versus a new cmdlet):
    # Two variations on the old way
    ipconfig.exe
    ipconfig.exe /all
    
    # The new Way
    Get-NetIPConfiguration
  2. Ping a computer:
    # The old way
    Ping DC1.Reskit.Org -4
    
    # The New way
    Test-NetConnection -ComputerName DC1.Reskit.Org
    
    # And some new things Ping does not do!
    Test-NetConnection -ComputerName DC1.Reskit.Org -CommonTCPPort SMB
    $ILHT = @{InformationLevel = 'Detailed'}
    Test-NetConnection -ComputerName DC1.Reskit.Org -port 389 @ILHT
  3. Use the sharing folder from DC1:
    # The old way to use a shared folder
    net use X:  \\DC1.Reskit.Org\C$
    
    # The new way using an SMB cmdlet
    New-SMBMapping -LocalPath 'Y:' -RemotePath '\\DC1.Reskit.Org\C$'
    
    # See what is shared the old way:
    net use
    
    # And the new way
    Get-SMBMapping
  4. Share a folder from SRV1:
    # Now share the old way
    net share Windows=C:\windows
    # and the new way
    New-SmbShare -Path C:\Windows -Name Windows2
    # And see what has been shared the old way
    net share
    # and the new way
    Get-SmbShare
  5. Display the contents of the DNS client cache:
    # The old way to see the DNS Client Cache
    ipconfig /displaydns
    # Vs
    Get-DnsClientCache
  6. Clear the DNS client cache using old and new methods:
    ipconfig /flushdns
    # Vs the new way
    Clear-DnsClientCache
  7. Perform DNS lookups:
    nslookup DC1.Reskit.Org
    Resolve-DnsName -Name DC1.Reskit.Org  -Type ALL

How it works...

In step 1, you examined the old/new way to view the IP configuration of a Windows host using ipconfig.exe and the Get-NetIPConfiguration cmdlet. First, you looked at two variations of using ipconfig.exe, which looks like this:

The Get-NetIPConfiguration cmdlet returns similar information, as follows:

In step 2, you examined the ping.exe command and the newer Test-NetConnection cmdlet. Using these two commands to ping DC1 (from SRV1) looks like this:

The Test-NetConnection cmdlet is also able to do some things that ping.exe cannot do, including testing access to a specific port (as opposed to just using ICMP) on the target host and providing more detailed information about connecting to that remote port, as you can see here:

In step 3, you examined new and old ways to create a drive mapping on the local host (that points to a remotely shared folder). The net.exe command, which has been around since the days of Microsoft LAN Manager, enables you to create and view drive mappings. The SMB cmdlets perform similar functions, as you can see here:

In step 4, you created and viewed an SMB share on SRV1, using both net.exe and the SMB cmdlets. This step looks like this:

DNS is all too often the focus of network troubleshooting activity. The Windows DNS client holds a cache of previously resolved network names and their IP addresses. This avoids Windows systems from having to perform DNS lookups every time a network host name is used. In step 5, you looked at the old and new ways to view the local DNS cache, which looks like this:

One often-used network troubleshooting technique involves clearing the DNS client cache. You can use ipconfig.exe or the Clear-DNSClientCache cmdlet, as shown in step 6. Neither the ipconfig.exe command or the Clear-DNSClientCache cmdlet produce any output.

Another troubleshooting technique involves asking the DNS server to resolve a DNS name. Traditionally, you would have used nslookup.exe. This is replaced with the Resolve-DNSName cmdlet. The two methods that you used in step 7 look like this:

There's more...

In step 1, you looked at two ways of discovering a host's IP configuration. Get-NetIPconfiguration, by default, returns the host's DNS server IP address, whereas ipconfig.exe doesn't. On the other hand, ipconfig.exe is considerably quicker.

Ping is meant to stand for Packet InterNetwork Groper and has been an important tool to determine whether a remote system is online. ping.exe uses ICMP echo request/reply, but many firewalls block ICMP (it has been an attack vector in the past). The Test-NetConnection cmdlet has the significant benefit that it can test whether the remote host has a particular port open. On the other hand, the host might block ICMP, if the host is to provide a service, for example, SMB shares, then the relevant port has to be open. Thus, Test-NetConnection is a lot more useful for network troubleshooting.

In step 2, you pinged a server. In addition to ping.exe, there are numerous third-party tools that can help you determine whether a server is online. The TCPing application, for example, pings a server on a specific port using TCP/IP by opening and closing a connection on the specified port. You can download this free utility from https://www.elifulkerson.com/projects/tcping.php.