# 1st get a list of all dhcp leased unique hostnames (from dhcp logs) and put into dhcp.csv
# 2nd get a list of all active directory computers and save it in ad.csv by running this powershell
# Get-ADComputer -Filter * |select name > ad.csv
# then run this python to compare and find the potentially rogue devices
adFile = r'ad.csv'
dhcpFile = r'dhcp.csv'
noADfile = r'notInAD.csv'
with open(dhcpFile, 'r') as dhcpFileHandle, open(noADfile, 'w') as notInADHandle:
notInADCount = 0
searchedCount = 0
for dhcpHost in dhcpFileHandle:
foundIt = 0
with open(adFile, 'r') as adFileHandle:
for adHost in adFileHandle:
adHost = adHost.lower().strip()
dhcpHost = dhcpHost.lower().strip()
if dhcpHost == adHost:
foundIt = 1
searchedCount = searchedCount + 1
if foundIt == 0:
print(dhcpHost, end='', file=notInADHandle)
notInADCount = notInADCount + 1
print("%s not in Active Directory, Searched %s DHCP Leases" % (str(notInADCount), str(searchedCount)))