Auto discover/identify missing subnets/boundaries
Given that ConfigMgr collects IPs/Subnets during inventory, it would be very helpfully if there was an automated way of identifying/discovering when clients are on a subnets that aren't configured within a boundary.
I made my mind on scripting that already, but was too complex so far. I thout about the following logic:
- Identify connections that are Domin connected (connection where WF Domain Profile applies)
- get Network Adress (calculated from PAdress and Subnet mask) and build IP Range out of it
- get AD Site Name
- get connection type (VPN,WiFi,LAN)
- ping a MP in the Dtacenter and count hops
- tracert athe same MP
- Write all these results to a DB table and calculate required IP Ranges out of it and find Ranges / Subnets, that tke the same routing path and add them to the same Group (assuming they belong to the same location then)
- create a recommendation of IP Ranges and Boundary Groups, that can then be optionally imported
Problem with AD Sites is mostly, that they are much "bigger" than real locations and therefore cannot be used accordingly as ConfigMgr boundaries in many cases
Tobias Furhem commented
would this even be feasible? considering that hardware inventory triggers not only when client is connected to your own managed LAN. It would also inventory ip-adresses for internet-cafés and or home networks.