PowerShell: Active Directory Domain Operations

Hi,

Here are some commands to manage Active Directory domain controllers by using the .NET System.DirectoryServices.ActiveDirectory.Domain class.

Load the assembly

# The Domain class lives in System.DirectoryServices.dll (not System.DirectoryServices.Protocols)
Add-Type -AssemblyName System.DirectoryServices

Get a Domain Object with the logon Domain of the current user

$oADDomain=[System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()

or get a Domain Object with the Domain of the computer

$oADDomain=[System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain()

Get the domain mode and role owners

write-host " Domain mode:             " $oADDomain.DomainMode
write-host " PDC Emulator:            " $oADDomain.PdcRoleOwner
write-host " Infrastructure master:   " $oADDomain.InfrastructureRoleOwner
write-host " Relative ID (RID) master:" $oADDomain.RidRoleOwner
write-host " Parent domain:           " $oADDomain.parent
write-host " Subdomains(if there are):" $oADDomain.children

Get a list of all domain controllers

$coDCs=$oADDomain.FindAllDomainControllers()

The following command lists all DCs with their name and IP address.
Other available properties are:
Forest, CurrentTime, HighestCommittedUsn, OSVersion, Roles, Domain, IPAddress, SiteName, Partitions

$coDCs|Format-Table -Property Name,IPAddress

List all trusted domains with trust type and trust direction

$oADDomain.GetAllTrustRelationships()| format-table

Get information about a specific trust

$oADDomain.GetTrustRelationship("trusteddomain.com")

Check whether the inbound trust relationship with a domain is a selective one

$oADDomain.GetSelectiveAuthenticationStatus("trusteddomain.com")

Michael
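
An added example, not part of the original post: it combines GetAllTrustRelationships() and GetSelectiveAuthenticationStatus() from above into a single trust review report. GetSidFilteringStatus() is another method of the same Domain class that the post does not mention; the function name Get-TrustAuthSummary and the report columns are made up for this example.

```powershell
# Added example: report selective authentication and SID filtering for every trust of a domain.
function Get-TrustAuthSummary {
    param(
        # Domain object as returned by GetCurrentDomain() or GetComputerDomain()
        [Parameter(Mandatory)]
        [System.DirectoryServices.ActiveDirectory.Domain]$Domain
    )

    foreach ($trust in $Domain.GetAllTrustRelationships()) {
        $row = [ordered]@{
            Source        = $trust.SourceName
            Target        = $trust.TargetName
            TrustType     = $trust.TrustType
            Direction     = $trust.TrustDirection
            SelectiveAuth = $null
            SidFiltering  = $null
            Note          = ''
        }
        try {
            $row.SelectiveAuth = $Domain.GetSelectiveAuthenticationStatus($trust.TargetName)
            $row.SidFiltering  = $Domain.GetSidFilteringStatus($trust.TargetName)
        }
        catch {
            # If a status call throws (for example, no domain controller is reachable),
            # keep the row and record the message instead of aborting the whole report
            $row.Note = $_.Exception.Message
        }
        [pscustomobject]$row
    }
}

Add-Type -AssemblyName System.DirectoryServices
$oADDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$report = Get-TrustAuthSummary -Domain $oADDomain
$report | Format-Table -AutoSize

# Trusts where both values were returned and at least one control is off:
# check whether that is intended for the trust in question
$report |
    Where-Object { $_.Note -eq '' -and (-not $_.SelectiveAuth -or -not $_.SidFiltering) } |
    Select-Object Target, TrustType, Direction, SelectiveAuth, SidFiltering
```

The function only reads trust settings, so it can be run on a schedule and its output compared with an approved list of trusts.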
