Tuesday, October 16, 2018

Windows 10 Holds on to an IP address for dear life!


Came across an interesting, and horribly annoying, behavior with Windows 10, and probably any recent version of Windows. Windows will ALWAYS try to reuse the last successful DHCP lease it received, even across reboots! So you may ask, why should I care about this? Well, if you are in, say, a school campus environment with domain-joined clients that are shared by students and faculty, who in turn are placed on different VLANs...this behavior will indeed create havoc! The IP leased to, say, a student will "stick" in the registry, and as long as the DHCP lease is still valid it will be reused. Now a faculty member logs on, they end up associated to an AP and get assigned the faculty VLAN at layer 2...but are stuck with an IP from the student VLAN that is invalid on that subnet.

The interface's IP lease information is stored under the key below (example reg values follow):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{Interface GUID}

"DhcpIPAddress"="10.2.21.28"

"DhcpSubnetMask"="255.255.252.0"

"DhcpDomain"="mydomain.local"

"DhcpNameServer"="10.1.2.19 10.1.2.17"

"DhcpDefaultGateway"=hex(7):31,00,30,00,2e,00,32,00,2e,00,32,00,30,00,2e,00,31,\
00,00,00,00,00

"DhcpSubnetMaskOpt"=hex(7):32,00,35,00,35,00,2e,00,32,00,35,00,35,00,2e,00,32,\
00,35,00,32,00,2e,00,30,00,00,00,00,00

The DhcpServer value normally holds the address of the DHCP server that issued the lease (10.1.2.19 in this example); the script further down changes it to the broadcast address:

"DhcpServer"="255.255.255.255"


And like I mentioned...all of this is kept across reboots.
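
Before clearing anything it helps to see what is actually cached. The following is an added audit script, not part of the original post: it walks every interface key under Tcpip\Parameters\Interfaces, maps the GUID back to the adapter name with Get-NetAdapter (Windows 8 and later), and flags any cached DhcpIPAddress that falls outside the subnet(s) the machine is supposed to be on. The $ExpectedSubnets list (10.2.20.0/22 as a made-up "faculty VLAN") is an assumption for illustration; reading HKLM\SYSTEM needs no elevation.

```powershell
# Added audit example (not from the original post): list the DHCP lease values that
# Windows caches per interface and flag any cached address outside the expected VLAN(s).
# Assumptions: $ExpectedSubnets is a constructed value; Get-NetAdapter is used for the
# GUID-to-name lookup (Windows 8 / Server 2012 and later).

$ExpectedSubnets = @('10.2.20.0/22')   # constructed value; replace with your own VLAN(s)
$IfBase = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

# Turn a dotted-quad address into an integer without depending on host byte order.
function ConvertTo-IPv4Int {
    param([string]$IPAddress)
    $b = [System.Net.IPAddress]::Parse($IPAddress).GetAddressBytes()
    return ([int64]$b[0] * 16777216) + ([int64]$b[1] * 65536) + ([int64]$b[2] * 256) + [int64]$b[3]
}

# True when $IPAddress falls inside the CIDR block $Cidr (e.g. '10.2.20.0/22').
# Note: -band binds more loosely than -eq in PowerShell, hence the full parenthesising.
function Test-IPv4InSubnet {
    param([string]$IPAddress, [string]$Cidr)
    $network, $prefix = $Cidr.Split('/')
    $hostBits = 32 - [int]$prefix
    $mask = [int64]4294967296 - [int64][math]::Pow(2, $hostBits)   # 2^32 - 2^hostBits
    return (((ConvertTo-IPv4Int $IPAddress) -band $mask) -eq ((ConvertTo-IPv4Int $network) -band $mask))
}

# One row per interface that still carries a cached lease.
function Get-CachedDhcpLease {
    $adapters = Get-NetAdapter -ErrorAction SilentlyContinue   # InterfaceGuid matches the registry key name
    Get-ChildItem -Path $IfBase | ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath
        if (-not $props.DhcpIPAddress) { return }   # nothing cached on this interface, next one
        $guid  = $_.PSChildName
        $nic   = $adapters | Where-Object { $_.InterfaceGuid -eq $guid }
        $ip    = $props.DhcpIPAddress
        $known = [bool]($ExpectedSubnets | Where-Object { Test-IPv4InSubnet -IPAddress $ip -Cidr $_ })
        [pscustomobject]@{
            Adapter        = if ($nic) { $nic.Name } else { '(no matching adapter)' }
            InterfaceGuid  = $guid
            CachedIP       = $ip
            Mask           = $props.DhcpSubnetMask
            Gateway        = ($props.DhcpDefaultGateway -join ', ')   # REG_MULTI_SZ arrives as string[]
            DhcpServer     = $props.DhcpServer
            InExpectedVlan = $known
        }
    }
}

# Self-check on the address from the post's example values.
Test-IPv4InSubnet -IPAddress '10.2.21.28' -Cidr '10.2.20.0/22'
Test-IPv4InSubnet -IPAddress '10.2.21.28' -Cidr '10.1.0.0/16'

# A row with InExpectedVlan = False is a lease Windows will happily reuse even though
# it cannot work on the VLAN this machine is about to land on.
Get-CachedDhcpLease | Format-Table -AutoSize
```

The two self-check calls return True and False respectively (10.2.21.28 sits in 10.2.20.0/22, which spans 10.2.20.0 to 10.2.23.255, and not in 10.1.0.0/16). Running the report on a shared machine right after a different user's session is a quick way to confirm the stuck-lease behavior described above before rolling out the clearing script.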

The various ways to "reset" or clear these reg values are as follows:

Run ipconfig /release from an active connection under the current session, then log off or shut down, ready for the next user.

Log in as an administrative user and restart or stop the DHCP Client service, then log off or shut down.

Neither option is particularly easy to trigger and schedule via a scheduled task....so what I ended up doing was a multi-layered approach. I needed the above reg values to be cleared whether the machine was connected to the network or not...so this meant dropping the scripts locally. I used Group Policy Preferences in a GPO to do that. Two files: the first is the PS script that clears the reg values, which also looks up the correct interface GUID based on the name of the network connection...in our case "Wi-Fi":

cd\
cls
$ErrorActionPreference='silentlycontinue'
# Look up the interface GUID from the connection name; -ExpandProperty returns just the string, without a header
$NIC=Get-WmiObject -class Win32_NetworkAdapter -Filter "NetConnectionID='Wi-Fi'" | select -Property GUID -ExpandProperty GUID
# Remove the cached lease values from the interface's Tcpip key
Remove-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$NIC -Name DhcpIPAddress
Remove-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$NIC -Name DhcpSubnetMask
Remove-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$NIC -Name DhcpDomain
Remove-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$NIC -Name DhcpNameServer
Remove-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$NIC -Name DhcpDefaultGateway
Remove-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$NIC -Name DhcpSubnetMaskOpt
# Point DhcpServer at the broadcast address instead of the server that issued the old lease
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\$NIC" -Name DhcpServer -Value 255.255.255.255
exit

The other is a one-line cmd script that triggers the PS script:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noprofile -executionpolicy bypass -file C:\users\IPReleaseV3.ps1


For the latter script, I used the same computer-based GPO, configured with a shutdown script referencing the local cmd script....so once the domain-joined machine has the GPO associated and applied, the script will trigger on shutdown or restart whether on the network or not.....which is what we want.

C:\users\IPRelease.cmd

I seemingly had it licked now...but found out that thanks to Windows Hiberboot, or Fast Startup as they call it, a shutdown script will NOT be processed on shutdown! It will just be skipped. On restart it does seem to execute, though.

Anyway...I went ahead and pushed the following reg setting to disable Hiberboot, again using GP preferences:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power

HiberbootEnabled (REG_DWORD) = 0
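
Putting the pieces together, here is an added example (not the post's own script) that generalises the clearing approach above: it covers every DHCP-enabled adapter, or only the connection names passed in, removes only the lease values that actually exist, logs each change, and finishes by checking HiberbootEnabled so that you find out when Fast Startup would stop a shutdown script from ever running. The default connection name 'Wi-Fi' and the log path under ProgramData are assumptions; it needs an elevated context (a GPO shutdown script provides one) and PowerShell 3.0 or later for Get-CimInstance.

```powershell
# Added example (not the post's own script): generalised cached-lease reset for one or more
# connection names, with logging and a Fast Startup check.
# Assumptions: default connection name 'Wi-Fi' and the log path are illustrative.

param(
    [string[]]$ConnectionName = @('Wi-Fi'),              # assumed; pass @() to cover every DHCP adapter
    [string]$LogPath = "$env:ProgramData\IPRelease.log"  # assumed location
)

$ErrorActionPreference = 'Stop'   # fail loudly instead of silently skipping a broken step
$IfBase      = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'
$LeaseValues = 'DhcpIPAddress', 'DhcpSubnetMask', 'DhcpDomain', 'DhcpNameServer',
               'DhcpDefaultGateway', 'DhcpSubnetMaskOpt'

function Write-Log {
    param([string]$Message)
    Add-Content -Path $LogPath -Value ('{0:u} {1}' -f (Get-Date), $Message)
}

# Win32_NetworkAdapterConfiguration.SettingID is the interface GUID used as the registry key name;
# Index links it back to Win32_NetworkAdapter, which carries the friendly NetConnectionID.
$configs  = Get-CimInstance -ClassName Win32_NetworkAdapterConfiguration -Filter 'DHCPEnabled = TRUE'
$adapters = Get-CimInstance -ClassName Win32_NetworkAdapter

foreach ($cfg in $configs) {
    $nic  = $adapters | Where-Object { $_.Index -eq $cfg.Index }
    $name = if ($nic) { $nic.NetConnectionID } else { $cfg.Description }
    if ($ConnectionName.Count -gt 0 -and $name -notin $ConnectionName) { continue }

    $key = Join-Path -Path $IfBase -ChildPath $cfg.SettingID
    if (-not (Test-Path -Path $key)) {
        Write-Log "no Tcpip interface key for '$name' ($($cfg.SettingID)), skipping"
        continue
    }

    # Only remove values that are really there; Remove-ItemProperty would otherwise throw under 'Stop'.
    $present = (Get-ItemProperty -Path $key).PSObject.Properties.Name
    foreach ($value in $LeaseValues) {
        if ($present -contains $value) {
            Remove-ItemProperty -Path $key -Name $value
            Write-Log "removed $value from '$name'"
        }
    }
    # Same step as the post: point DhcpServer at the broadcast address.
    Set-ItemProperty -Path $key -Name DhcpServer -Value '255.255.255.255' -Type String
    Write-Log "reset DhcpServer to 255.255.255.255 for '$name'"
}

# Fast Startup (Hiberboot) skips shutdown scripts on a normal shutdown; warn if it is still on.
$powerKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Power'
$hiberboot = (Get-ItemProperty -Path $powerKey -Name HiberbootEnabled -ErrorAction SilentlyContinue).HiberbootEnabled
if ($hiberboot -ne 0) {
    Write-Log "WARNING: HiberbootEnabled=$hiberboot, a GPO shutdown script will not run on a normal shutdown"
}
```

Two design choices differ from the original script on purpose: $ErrorActionPreference is 'Stop' rather than 'SilentlyContinue', so a missing key or a permissions problem shows up in the log instead of leaving a stale lease behind unnoticed, and the adapter is resolved through Win32_NetworkAdapterConfiguration's SettingID, which is the same GUID string the registry key is named after, so no separate GUID-to-key mapping is needed.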


So there you have it...a bit of a clunky solution, but an absolute lifesaver in our situation.

Hope somebody finds this helpful !