Share this question

Welcome to Teachnovice Q&A, where you can ask questions and receive answers from other members of the community.

This is a collaboratively edited question and answer site for computer enthusiasts and power users. It's 100% free, no registration required.

Get mac address from IP using DHCP?

1 like 0 dislike
I am trying to create scripts/services that allow for waking PCs in a windows domain via WOL. Now i want to give the user the option to select an AD container as a starting point for the waking of PCs contained within. My initial thought is using DHCP as a repository to query for MAC addresses given the hostnames (which i can easily enough pull from AD given the container).

Is there a way to programmatically query the DHCP service/server, passing hostnames and recover the associated MAC addresses?

Or, is there a better/easier way to solve my problem?
asked Nov 12, 2014 by cottsak  

7 Answers

1 like 0 dislike
Best answer

Try dhcpexim.exe from microsoft.

or, if you prefer using pure C. DhcpEnumSubnetClientsV4

answered Nov 12, 2014 by J-16 SDiZ  
just tried dhcpexim.exe - it barfed on me. couldn't even export the local scope to file. (1) do you know for sure that i can get the MAC address from DhcpEnumSubnetClientsV4? and (2) is there a .net managed version of this function (or equivalent)?
Check use the ClientHardwareAddress field
not verified yet but seems most likely solution
0 like 0 dislike
You can't do that with DHCP. DHCP attributes IP from MAC, not the other way around. ARP is what converts IP into MAC but it's the machine itself that answers ARP requests so if it's off it's obviously not gonna answer ...

I suggest you store the MAC in your AD directly (I guess AD supports custom attributes ?)
answered Nov 12, 2014 by 246tNt  
Why can i not do this with DHCP - DHCP clearly contains the info i'm after. I just need to know if i can get access to it programmatically
No, the DHCP server has a database that contains the data you want. But the DHCP protocol doesn't offer anyway of getting to it. –
ok, i have edited the question to be more clear. i thought maybe you could query the DHCP service/server. maybe WMI or similar
0 like 0 dislike

you need to use arp to get a mac adress and doing so In C is a long process.

Mac adresses are hard coded, so if you have X computers go and get X mac addresses and tie them to the AD.

Note that the computer will have to be on to request its mac address.

answered Nov 12, 2014 by Recursion  
I was hoping not to get 'arp' answers. I know arp makes the request from the target NIC. I thought it was simple enough to exclude the arp option given that the PCs would be in a powered down state.
0 like 0 dislike

No problem; because all of the machines are in your domain you can put together a VBScript that will get the MACAddress(es) from the local machine and store it as an attribute of the computer object in Active Directory.

Here's a quick hack on how to do that (save this as a .vbs-file):

Option Explicit

Const COMPUTERLOCATION = "ou=Member Servers,dc=yourdomain,dc=com"
Const ATTRIBUTETOUSE = "otherTelephone"

Dim wshNetwork, strComputerName
Set wshNetwork = WScript.CreateObject("WScript.Network")
strComputerName = wshNetwork.ComputerName

Dim objWMIService, colNetCards, objComputer, objNetCard
Set objWMIService = GetObject("winmgmts:\\" & strComputerName & "\root\cimv2")
Set colNetCards = objWMIService.ExecQuery("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True")
Set objComputer = GetObject("LDAP://cn=" & strComputerName & "," & COMPUTERLOCATION) 
For Each objNetCard in colNetCards
    objComputer.PutEx ADS_PROPERTY_APPEND, ATTRIBUTETOUSE, Array(objNetCard.MACAddress)

Because your clients aren't all in the "Member Servers" OU above you'll need to modify the above script to include a directory search for the strComputerName do get the COMPUTERLOCATION.

When you have a working script, ask your domain administrator to put the script as a start-up script targetting the computers you need to monitor; that way it'll execute whenever a computer boots up. You can also run the script as a scheduled task to get your data from any clients that haven't rebooted or use psexec or some other way you can think of to get the data immediately. Or you can rewrite the script entirely to remote connect to all of your machines and get the data that way (which might not be possible due to local firewalls). Or you could write a small .NET console application which does the same thing, it's up to you...

Also, although there is a networkAddress-attribute defined for computer objects; by default the computer object itself does not have access to write to this property. Because start up-scripts run in the context of the SYSTEM account on the particular machine the easiest thing is to use an attribute that the computer object (SELF) has write access to. The otherTelephone-attribute is multivalued and part of the Personal-Information Property Set which all computer objects has write access to by default. If you want to use the networkAddress-attribute you need to set explicit write access to that attribute for all of your computers.

Also you need to bear in mind that storing the the MAC address in Active Directory means that all of the users in your domain will have read access to it which in turn might possibly (depending on your environment) pose a small security risk.

answered Nov 12, 2014 by Per Noalt  
i did think about this but i would prefer not to have to deploy script onto every PC. it seems a little less ideal that getting the data from a place on the server where it's already stored. that being said, failing getting the info from the DHCP repository, i think your idea is the next best bet
psexec seems to only work when there is an interactive session active on the PC. ie, when there is no user logged on it can't do it's thing. i was so hoping this was a miracle-app
0 like 0 dislike

To do it the way the network does.

Grab SharpPcap (Pcap wrapper for C#) and WinPcap (Windows) or libpcap (*nix). Write an application that creates SNMP packets to query the ARP table on the router.

Note: The ARP (Address Resolution Protocol) table is the table containing the mapping of IP address to MAC address.

I've been thinking about implementing an example that does this lately but I don't have one to show yet. Once I do, I'll make sure it gets added to the SharpPcap examples found in the project's source tree.

answered Nov 12, 2014 by Evan Plaice  
0 like 0 dislike

This is a little bit wacky it seems that there's no way to query the DHCP server programmatically. Thanks cottsak for asking the question. I understand that the DHCP protocol doesn't have such a query, but I thought mayb the executable from Microsoft might have some way you can address it from the command line. I haven't heard anybody anywhere say that there is no such case, but it must be so.

WHOA, wait a minute... I think I found what we're looking for: NETSH. cf:

Where it says if you open a command prompt on the DHCP server you can run this command:

netsh dhcp server scope show clients

and get a report such as this: - -00-0c-29-02-a4-09 - NEVER EXPIRES -D - - 00-22-19-10-29-75 -1/21/2012 8:39:25 AM -D

Yippeee! Thanks for the thread!! If it wasn't for this one, I enver would have narrowed my search to technet adn found that one.

answered Nov 12, 2014 by Friends of the Penguin  
0 like 0 dislike
Yeah dun worry about it, you can pull this info directly from DHCP if the PC has a lease.

Know how you right click and add a reservation in DHCP?

Look in DHCP for the 'unique ID'. It's the MAC address, sans the colons.
answered Nov 12, 2014 by Tim