BSonPoSH

Last week I talked about how to "discover" information using the built in .NET classes for ActiveDirectory. This week I would like to show how you can do similar things with the ActiveDirectory cmdlets that ship with Win7 and R2.

The first task we discussed was getting Forest information like Domains, Sites, ForestMode, RootDomain, and Forest masters.

With .NET we do this

$Forest = [DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()

With the cmdlets we do this

$Forest = Get-ADForest

Next we discussed getting Domain information like Domain Controllers, DomainMode, Domain Masters, and Forest Root.

$Domain = [DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()

With the cmdlets we do this

$Domain = Get-ADDomain

Now the object we get back is slightly different so lets take a look

First lets look at what $Forest has to offer

PS C:UsersAdministrator> $Forest
 
ApplicationPartitions : {}
CrossForestReferences : {}
DomainNamingMaster    : Win2K8R2DC1.R2.Dev.Lab
Domains               : {R2.Dev.Lab}
ForestMode            : Windows2008R2Forest
GlobalCatalogs        : {Win2K8R2DC1.R2.Dev.Lab}
Name                  : R2.Dev.Lab
PartitionsContainer   : CN=Partitions,CN=Configuration,DC=R2,DC=Dev,DC=Lab
PSShowComputerName    : {}
RootDomain            : R2.Dev.Lab
SchemaMaster          : Win2K8R2DC1.R2.Dev.Lab
Sites                 : {Default-First-Site-Name}
SPNSuffixes           : {}
UPNSuffixes           : {}
WriteErrorStream      : {}

Finally, Lets look at $Domain

PS C:UsersAdministrator> $domain
 
AllowedDNSSuffixes                 : {}
ChildDomains                       : {}
ComputersContainer                 : CN=Computers,DC=R2,DC=Dev,DC=Lab
DeletedObjectsContainer            : CN=Deleted Objects,DC=R2,DC=Dev,DC=Lab
DistinguishedName                  : DC=R2,DC=Dev,DC=Lab
DNSRoot                            : R2.Dev.Lab
DomainControllersContainer         : OU=Domain Controllers,DC=R2,DC=Dev,DC=Lab
DomainMode                         : Windows2008R2Domain
DomainSID                          : S-1-5-21-4244231903-4101880959-1987002231
ForeignSecurityPrincipalsContainer : CN=ForeignSecurityPrincipals,DC=R2,DC=Dev,DC=Lab
Forest                             : R2.Dev.Lab
InfrastructureMaster               : Win2K8R2DC1.R2.Dev.Lab
LastLogonReplicationInterval       :
LinkedGroupPolicyObjects           : {CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=R2,DC=Dev,DC=Lab}
LostAndFoundContainer              : CN=LostAndFound,DC=R2,DC=Dev,DC=Lab
ManagedBy                          :
Name                               : R2
NetBIOSName                        : R2
ObjectClass                        : domainDNS
ObjectGUID                         : c2d8e67d-2a49-4352-a795-de2b6508b1dc
ParentDomain                       :
PDCEmulator                        : Win2K8R2DC1.R2.Dev.Lab
QuotasContainer                    : CN=NTDS Quotas,DC=R2,DC=Dev,DC=Lab
ReadOnlyReplicaDirectoryServers    : {}
ReplicaDirectoryServers            : {Win2K8R2DC1.R2.Dev.Lab}
RIDMaster                          : Win2K8R2DC1.R2.Dev.Lab
SubordinateReferences              : {CN=Configuration,DC=R2,DC=Dev,DC=Lab}
SystemsContainer                   : CN=System,DC=R2,DC=Dev,DC=Lab
UsersContainer                     : CN=Users,DC=R2,DC=Dev,DC=Lab

Here are some more specific examples on how to use these variables:

To see the forest roles

$forest | select SchemaMaster,DomainNamingMaster

To see the domain roles

$domain | select PDCEmulator,RIDMaster,InfrastructureMaster

To see what application partitions your forest has

$forest.ApplicationPartitions

NOTE: you can use this command to see all the AD Cmdlets have to offer

get-command -Module ActiveDirectory

tshell :: Jun.22.2009 :: Active Directory, All :: No Comments »

Trackback this post | Feed on Comments to this post