I have an issue I am sure many have, where the network team adds a subnet but forgets to tell the AD or SCCM team, so I would like to alert when AD detects an unknown subnet. Does anyone know of a way to do this?
2 Likes
That sounds a bit tricky. Do you have reverse lookup zones in your AD? In that case you could create a list of all networks there and compare them to the list under sites.
Get subnets:
http://powershellblogger.com/2015/10/export-subnets-from-active-directory-sites-and-services/
And then you have to modify this a bit to get out the reverse zones from the AD.
Could you alert on NETLOGON 5807 events in the system log on DCs?
http://www.anexinet.com/blog/missing-subnets-in-ad-sites-and-services-and-the-netlogon-5807-error/
2 Likes
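An added example, not part of the thread: the NETLOGON 5807 event text points to `%SystemRoot%\debug\netlogon.log`, where each affected client appears on a `NO_CLIENT_SITE` line, so an alert can list exactly which addresses still have no matching subnet. The function names and the sample lines below are constructed for illustration, the line prefix may differ between Windows versions, and only IPv4 is handled.

```powershell
function ConvertTo-IPv4Number ([string]$Address) {
    # Dotted quad -> integer, most significant octet first.
    [long]$n = 0
    foreach ($octet in [System.Net.IPAddress]::Parse($Address).GetAddressBytes()) {
        $n = $n * 256 + $octet
    }
    $n
}

function Get-UncoveredClient {
    param(
        [string[]]$LogLine,   # lines read from netlogon.log
        [string[]]$Subnet     # AD subnets in CIDR form, e.g. 10.10.0.0/16
    )
    # Pre-compute network number and host-bit count for every IPv4 subnet.
    $ranges = foreach ($s in ($Subnet | Where-Object { $_ -notmatch ':' })) {
        $net, $prefix = $s -split '/'
        [pscustomobject]@{ Net = ConvertTo-IPv4Number $net; Shift = 32 - [int]$prefix }
    }
    $seen = @{}
    foreach ($line in $LogLine) {
        if ($line -match 'NO_CLIENT_SITE:\s+(\S+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$') {
            $name, $ip = $Matches[1], $Matches[2]
            if ($seen.ContainsKey($ip)) { continue }   # report each address once
            $seen[$ip] = $true
            $n = ConvertTo-IPv4Number $ip
            # Covered when the network bits match any subnet defined in AD.
            $covered = $ranges | Where-Object { ($n -shr $_.Shift) -eq ($_.Net -shr $_.Shift) }
            if (-not $covered) {
                # Candidate24 is only a hint; the real mask comes from the network team.
                [pscustomobject]@{ Client = $name; Address = $ip
                                   Candidate24 = ($ip -replace '\.\d+$', '.0/24') }
            }
        }
    }
}

# Constructed sample data (not from a real domain).
$sampleLog = @(
    '03/11 08:15:02 [LOGON] [1180] CORP: NO_CLIENT_SITE: WKS-0412 10.40.7.23'
    '03/11 08:15:09 [LOGON] [1180] CORP: NO_CLIENT_SITE: WKS-0077 10.10.3.5'
    '03/11 08:16:41 [LOGON] [2264] CORP: NO_CLIENT_SITE: LAB-PRN1 192.168.50.9'
)
$sampleSubnets = '10.10.0.0/16', '172.16.8.0/22'
Get-UncoveredClient -LogLine $sampleLog -Subnet $sampleSubnets

# On a domain controller (assumes the ActiveDirectory RSAT module is installed):
# Get-UncoveredClient -LogLine (Get-Content "$env:SystemRoot\debug\netlogon.log") `
#     -Subnet (Get-ADReplicationSubnet -Filter *).Name
```

Because the log accumulates over time, checking each address against the current subnet list filters out clients whose subnet has been added since the line was written.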