03 April 2013

Find all domain controllers in domain


Using powershell one can find all domain controllers in domain using:

1. a LDAP filter:

Get-ADComputer -LDAPFilter "(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))"


2. "Domain controllers" group and retreive his memebers:

Get-ADGroupMember 'Domain Controllers'


3. Get-ADDomainController cmdlet:

Get-ADDomainController -Filter * | Select-Object name

4 comments:

  1. Very nice, thanks for posting

    ReplyDelete
  2. Method 1:
    can be slow, as it actually looks thru all of the severs in the domain, looking for a match.

    Method 2:
    Can have errors. While the group should not contain other data, it is possible for it to have old servers, or data from incorrect changes to the group.

    Method 3:
    The faster of options, with much greater accuracy. Try the command "Get-ADDomainController -Filter *" at least once, to see the actual wealth of information provided.

    ReplyDelete
  3. Also:

    $a = new-object 'System.DirectoryServices.ActiveDirectory.DirectoryContext'("domain", "devad.swacorp.com" )

    [System.DirectoryServices.ActiveDirectory.DomainController]::FindAll($a)

    ReplyDelete
  4. Easiest way get-addomaincontrollers -filter *

    ReplyDelete