Some time ago I was asked to write a script which does an inventory of an active directory, such as finding all domain controllers, all global catalog servers, all sites/subnets, etc…
I will not be posting the entire script, instead I’ve chosen to offer you some oneliners which accomplish parts of it.
The first one is to get the Active Directory forest mode:
|
1 |
Get-ADForest | Select-Object -ExpandProperty ForestMode |
The second one is to get the Active Directory domain mode:
|
1 |
Get-ADDomain | Select-Object -ExpandProperty ForestMode |
The third one is to find all Domain Controllers (specific: their names), which can be done with a single PowerShell cmdlet:
|
1 |
Get-ADDomainController |
The next one is to find all Global Catalog servers. You can do this by using the Get-ADDomainController,Β added by a filter:
|
1 |
Get-ADDomainController -Filter {IsGlobalCatalog -eq $true} |
And to find all Read-Only Domain Controllers (RODC) you can do this the same way but with a different property:
|
1 |
Get-ADDomainController -Filter {IsReadOnly -eq $true} |
And last has to do with Active Directory replication. To find all automatic created connections:
|
1 |
Get-ADReplicationConnection -Filter {AutoGenerated -eq $true} |
AD Replication is very smart, but still people want to try and be smarter by creating manual connections for the replication.
So, to find the connections that someone may have created manually:
|
1 |
Get-ADReplicationConnection -Filter {AutoGenerated -eq $false} |
I hope that you find the above useful π
You should note that Get-ADReplicationConnection only works in Server 2012.
Since I have destroyed my Server 2012 lab, I have a question. To find the the AutoGenerated connections I look for AutoGenerated equals FALSE? But to find the manually created connections I look for AutoGenerated equals TRUE? Boy does that seem backwards!
Hi Carl,
You were the first to notice it and of course you were right. I’ve changed the post, thanks for the feedback π
Jeff.
You just did π Thanks π