You're reading from Active Directory Administration Cookbook, Second Edition Proven solutions to everyday identity and authentication challenges for both on-premises and the cloud

Product type Paperback

Published in Jul 2022

Publisher Packt

ISBN-13 9781803242507

Length 696 pages

Edition 2nd Edition

Languages

PowerShell

Tools

Azure

Concepts

Identity Management

Author (1):

Sander Berkouwer

View More author details

Table of Contents (18) Chapters

Preface

1. Chapter 1: Optimizing Forests, Domains, and Trusts

2. Chapter 2: Managing Domain Controllers FREE CHAPTER

3. Chapter 3: Managing Active Directory Roles and Features

4. Chapter 4: Managing Containers and Organizational Units

5. Chapter 5: Managing Active Directory Sites and Troubleshooting Replication

6. Chapter 6: Managing Active Directory Users

7. Chapter 7: Managing Active Directory Groups

8. Chapter 8: Managing Active Directory Computers

9. Chapter 9: Managing DNS

10. Chapter 10: Getting the Most Out of Group Policy

11. Chapter 11: Securing Active Directory

12. Chapter 12: Managing Certificates

13. Chapter 13: Managing Federation

14. Chapter 14: Handling Authentication in a Hybrid World (AD FS, PHS, PTA, and DSSO)

15. Chapter 15: Handling Synchronization in a Hybrid World (Azure AD Connect)

16. Chapter 16: Hardening Azure AD

17. Other Books You May Enjoy

Inventory domain controllers

It's a good thing to know all the domain controllers throughout an Active Directory domain. This activity doesn't just show the management burden for Active Directory administrators; it also allows them to make smart choices, especially when the environment is breached.

Although it's not recommended practice, administrators may place domain controllers outside the Domain Controllers Organizational Unit (OU). In that case, simply checking the computer accounts in that OU will not provide a 100% view of the domain controllers in use.

How to do it...

This recipe shows two ways to get a good overview of the domain controllers in an Active Directory domain:

Using Active Directory Users and Computers
Using the Active Directory module for Windows PowerShell

Using Active Directory Users and Computers to inventory domain controllers

Active Directory Users and Computers allows for querying the entire Active Directory domain for either writable domain controllers or read-only domain controllers in the following way:

Press Start.
Search for Active Directory Users and Computers and click its corresponding search result, or run dsa.msc. The Active Directory Users and Computers window appears.
In the left navigation pane, right-click the target domain name with which you want to inventory the domain controllers.
Select Find.
From the Find drop-down box, select Computers.
From the Role drop-down box, select Writable Domain Controllers or Read-Only Domain Controllers.
Click Find Now.

The list of domain controllers for the domain is now shown in the search results pane.

Using the Active Directory module for Windows PowerShell to inventory domain controllers

Using the Active Directory module for Windows PowerShell to inventory domain controllers is even easier.

Simply use the following line of Windows PowerShell:

Get-ADDomainController | Select-Object Name

If you want more information on the domain controllers within the current domain, simply add the characteristics you would like to see after the Select-Object cmdlet. For instance, you can add IPv4Address, IsGlobalCatalog, isReadOnly, OperatingSystem, and Site for good measure. If you're looking for a smart layout, simply append | Format-Table. If you want to get the information straight to your clipboard so that you can paste it into a report or anywhere else, append | clip.