Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Active Directory Administration Cookbook

You're reading from   Active Directory Administration Cookbook Actionable, proven solutions to identity management and authentication on servers and in the cloud

Arrow left icon
Product type Paperback
Published in May 2019
Publisher Packt
ISBN-13 9781789806984
Length 620 pages
Edition 1st Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Sander Berkouwer Sander Berkouwer
Author Profile Icon Sander Berkouwer
Sander Berkouwer
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Optimizing Forests, Domains, and Trusts FREE CHAPTER 2. Managing Domain Controllers 3. Managing Active Directory Roles and Features 4. Managing Containers and Organizational Units 5. Managing Active Directory Sites and Troubleshooting Replication 6. Managing Active Directory Users 7. Managing Active Directory Groups 8. Managing Active Directory Computers 9. Getting the Most Out of Group Policy 10. Securing Active Directory 11. Managing Federation 12. Handling Authentication in a Hybrid World (AD FS, PHS, PTA, and 3SO) 13. Handling Synchronization in a Hybrid World (Azure AD Connect) 14. Hardening Azure AD 15. Other Books You May Enjoy

Listing the domains in your forest

In an Active Directory environment with multiple domains and forests, it can be hard to distinguish the trees from the forest. As authentication is often per forest, an easy way to list the domains per forest will be welcome.

Getting ready

Alas, the only reliable way to list the domains in a forest is to use PowerShell.

For this recipe, we'll need one of the following:

  • A domain controller running Windows Server 2012 with Desktop Experience (or a newer version of Windows Server)
  • A domain-joined member server running Windows Server 2012 with Desktop Experience (or a newer version of Windows Server) with the Active Directory module for Windows PowerShell installed
  • A domain-joined device running Windows 8.1 (or a newer version of Windows) with the Active Directory module for Windows PowerShell installed
On domain controllers running Windows Server 2012 with Desktop Experience (and on newer versions of Windows Server), the Active Directory module for the Windows PowerShell feature is automatically installed, when promoted to domain controller.

On domain controllers running Server Core installations of Windows Server 2012 (and on newer versions of Windows Server), the availability of the Active Directory module for Windows PowerShell depends on the -IncludeManagementTools option for the Install-WindowsFeature Windows PowerShell cmdlet used to install the Active Directory Domain Services role.

Installing the Active Directory module for Windows PowerShell on Windows Server

To install the Active Directory module for Windows PowerShell on a Windows Server with Desktop Experience, follow these steps:

  1. Open Server Manager ( servermanager.exe).
  2. In the top gray pane, click Manage.
  3. Select Add Roles and Features from the context menu.
  4. In Add Roles and Features Wizard, click Next > until you reach the Select Features screen.
  5. On the Select Features screen, scroll down in the list of features until you reach Remote Server Administration Tools.
  6. Expand Remote Server Administration Tools.
  1. Expand Role Administration Tools.
  2. Expand AD DS and AD LDS Tools.
  3. Select the Active Directory module for Windows PowerShell feature:
  1. Click Next > until you reach the Confirm installation selections page.
  2. Click Install.
  3. Click Close.

To install the Active Directory module for Windows PowerShell on a Server Core installation of Windows Server, run these two commands:

PowerShell
Install-WindowsFeature RSAT-AD-PowerShell

Installing the Active Directory module for Windows PowerShell on Windows

To install the Active Directory module for Windows PowerShell on a Windows device, download the separately available Remote Server Administration Tools (RSAT) package for your version of Windows. After you install the package, all the RSAT will be available, including the Active Directory module for Windows PowerShell.

Required permissions

To list all the domains in a forest, use an account that is a member of the Enterprise Admins group in Active Directory.

How to do it...

On the system, start an elevated Windows PowerShell window or Windows PowerShell ISE window using the domain credentials for any account.

Then, type the following lines of PowerShell:

Import-Module ActiveDirectory
Get-ADForest | select domains

How it works...

On the first line, we verify that the Active Directory module for Windows PowerShell is installed, correctly configured, and ready.

On the second line, we use the Get-ADForest cmdlet from the Active Directory module to get the information for the current Active Directory forest. Then, we pipe the output of that command to select only the domains, since that's what we're after.

You can now make the best choices for implementing new domains and/or forests, and/or decommissioning domains and/or forests.

You have been reading a chapter from
Active Directory Administration Cookbook
Published in: May 2019
Publisher: Packt
ISBN-13: 9781789806984
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime