PowerShell: Resolve Bulk IP Addresses to Hostnames

Posted on Updated on

When you’re dealing with a large list of IP addresses from a firewall log or a network scan, manually running nslookup is not an option. You need a fast, automated way to perform a reverse DNS lookup to identify the devices on your network.

This script leverages the .NET [System.Net.Dns] class to perform high-speed lookups, converting a simple text file of IPs into a comma-separated list of hostnames.

The PowerShell Script

Save the code below as ResolveIPs.ps1. Create a file named hosts.txt in the same folder and paste your IP addresses (one per line).

PowerShell

PowerShell
# Get list from file, initialize empty array
$ListOfIPs = Get-Content ".\hosts.txt"
$ResultList = @()
# Roll through the list, resolving with the .NET DNS resolver
foreach ($IP in $ListOfIPs) {
    # Suppress errors for IPs that don't resolve
    $ErrorActionPreference = "silentlycontinue"
    $Result = $null
    # Status update for the user
    Write-Host "Resolving $IP..." -ForegroundColor Cyan
    
    # Pass the current IP to .NET for name resolution
    $Result = [System.Net.Dns]::GetHostEntry($IP)
    # Add results to the list
    if ($Result) {
        $ResultList += "$IP," + [string]$Result.HostName
    }
    else {
        $ResultList += "$IP,unresolved"
    }
}
# Export to file and notify completion
$ResultList | Out-File .\resolved.txt
Write-Host "Name resolution complete! Check .\resolved.txt" -ForegroundColor Green

How it Works

  • [System.Net.Dns]::GetHostEntry($IP): This is the heart of the script. It queries your configured DNS servers for a Pointer (PTR) record associated with the IP address.
  • Error Action Silencing: Since it’s common for some IPs (like guest devices or unmanaged switches) to lack DNS records, we use silentlycontinue to prevent the red error text from cluttering your console.
  • Array Building: The script creates a simple “IP,Hostname” format, which can easily be renamed to .csv and opened in Excel for further analysis.

💡 Lazy Admin Tips

  • DNS Suffixes: Ensure your machine has the correct DNS search suffixes configured. If the script only returns short names and you need FQDNs (Fully Qualified Domain Names), check your network adapter settings.
  • Speed: The .NET method used here is generally faster than the standard Resolve-DnsName cmdlet when dealing with large batches of legacy records.
  • Check Your PTRs: If the script returns “unresolved” for IPs you know are active, it’s a sign that your Reverse Lookup Zones in AD DNS might be missing records or need scavenging.

#PowerShell #Networking #DNS #SysAdmin #WindowsServer #Automation #ITPro #LazyAdmin #NetworkSecurity #TechTips

This entry was posted in Scripts, Windows and tagged , , , , , , , , , .

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.