03 April 2013

Find all domain controllers in domain


Using powershell one can find all domain controllers in domain using:

1. a LDAP filter:

Get-ADComputer -LDAPFilter "(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))"
2. "Domain controllers" group and retreive his memebers:

Get-ADGroupMember 'Domain Controllers'
3. Get-ADDomainController cmdlet:

Get-ADDomainController -Filter * | Select-Object name
Posted by at
Labels:

4 comments:

  1. Michael27 November, 2013 17:37

    Very nice, thanks for posting

    ReplyDelete
  2. Jean-Claude11 January, 2018 18:08

    Method 1:
    can be slow, as it actually looks thru all of the severs in the domain, looking for a match.

    Method 2:
    Can have errors. While the group should not contain other data, it is possible for it to have old servers, or data from incorrect changes to the group.

    Method 3:
    The faster of options, with much greater accuracy. Try the command "Get-ADDomainController -Filter *" at least once, to see the actual wealth of information provided.

    ReplyDelete
  3. Jean-Claude11 January, 2018 19:00

    Also:

    $a = new-object 'System.DirectoryServices.ActiveDirectory.DirectoryContext'("domain", "devad.swacorp.com" )

    [System.DirectoryServices.ActiveDirectory.DomainController]::FindAll($a)

    ReplyDelete
  4. hriosm30 January, 2018 21:43

    Easiest way get-addomaincontrollers -filter *

    ReplyDelete

Subscribe to: Post Comments (Atom)