Hi,
Here are some commands to manage Active Directory domain controllers using the .NET System.DirectoryServices.ActiveDirectory.Domain class.
Load the assembly
```powershell
# The Domain class lives in the System.DirectoryServices assembly
Add-Type -AssemblyName System.DirectoryServices
```
Get a Domain Object with the logon Domain of the current user
```powershell
$oADDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
```
or get a Domain Object with the Domain of the computer
```powershell
$oADDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain()
```
Get the domain mode and role owners
```powershell
Write-Host " Domain mode: " $oADDomain.DomainMode
Write-Host " PDC Emulator: " $oADDomain.PdcRoleOwner
Write-Host " Infrastructure master: " $oADDomain.InfrastructureRoleOwner
Write-Host " Relative ID (RID) master:" $oADDomain.RidRoleOwner
Write-Host " Parent domain: " $oADDomain.Parent
Write-Host " Subdomains (if there are any):" $oADDomain.Children
```
Get a list of all domain controllers
```powershell
$coDCs = $oADDomain.FindAllDomainControllers()
```
The following command lists all DCs with their name and IP address.
Other available properties are:
Forest, CurrentTime, HighestCommittedUsn, OSVersion, Roles, Domain, IPAddress, SiteName, Partitions
```powershell
$coDCs | Format-Table -Property Name,IPAddress
```
List all trusted domains with trust type and trust direction
```powershell
$oADDomain.GetAllTrustRelationships() | Format-Table
```
Get information about a specific trust
```powershell
$oADDomain.GetTrustRelationship("trusteddomain.com")
```
Check whether the inbound trust relationship with a domain is a selective one
```powershell
$oADDomain.GetSelectiveAuthenticationStatus("trusteddomain.com")
```
Michael
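The trust commands above can be combined into a read-only review of every trust of the domain. This is an added example, not part of the original post: `Get-TrustReview` and its output column names are hypothetical, and it additionally calls `GetSidFilteringStatus`, a method of the same Domain class that the post does not mention.

```powershell
# Added example: read-only trust review built on the Domain methods shown above.
# Get-TrustReview is a hypothetical helper name, not part of .NET or the post.
Add-Type -AssemblyName System.DirectoryServices

function Get-TrustReview {
    param($Domain)

    # Default to the logon domain of the current user, as in the post
    if (-not $Domain) {
        $Domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    }

    foreach ($trust in $Domain.GetAllTrustRelationships()) {
        $selective  = $null
        $sidFilter  = $null
        $queryError = $null
        try {
            # Both calls return a Boolean for the trust with the named domain
            $selective = $Domain.GetSelectiveAuthenticationStatus($trust.TargetName)
            $sidFilter = $Domain.GetSidFilteringStatus($trust.TargetName)
        }
        catch {
            # Keep the row so a failed lookup is visible instead of silently skipped
            $queryError = $_.Exception.Message
        }

        # Collect the settings an administrator would want to look at more closely
        $notes = @()
        if ($queryError)           { $notes += "status query failed: $queryError" }
        if ($selective -eq $false) { $notes += 'selective authentication off' }
        if ($sidFilter -eq $false) { $notes += 'SID filtering off' }

        [pscustomobject]@{
            Source                  = $trust.SourceName
            Target                  = $trust.TargetName
            TrustType               = $trust.TrustType
            TrustDirection          = $trust.TrustDirection
            SelectiveAuthentication = $selective
            SidFiltering            = $sidFilter
            Notes                   = $notes -join '; '
        }
    }
}

Get-TrustReview | Sort-Object Target | Format-Table -AutoSize -Wrap
```

An empty Notes column means both settings are enabled for that trust; the function only reads trust attributes and changes nothing.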