PS Script Update V1.3: Find a working domain controller from any domain even on non domain joined PC`s

Today i release a update on the script function “get-dc”. Sinds the first release I have received some feature requests and i have improved the codes error handling. The full list of changes:

  • V1: Fixed a issue with the credentials when querying from a domain joined PC.
  • V1.1: Updated “Site” param to “ADsite” and try to resolve default AD site if the param is not specified.
  • V1.2: Added an aditional loop for cross forest DC lookup. If script won`t find a DC in the site it will retry all sites.
  • V1.3: Added support for specific AD role Global catalog using the switch “-isgc”
    Added support for specific AD role Active directory web services using switch “-isadws”
    Added support to return list of all working DC`s using “-listall”
    Added alias “gdc”
    Update the code for better error handling
    Added verbose & debug support output

This function supports exchange and active directory PowerShell commands from any pc and support for workflows. This script is about locating a domain controller that is up and running by validating its response on port 389 and return a random working, all working or even best responsive domain controller. Additional parameters can be used to filter down specific roles like Global catalog or Active Directory Web Services. You can query any domain from any pc as long as there is tcp connectivity between the computers and you have a account that can authenticate against the domain controllers. If you do not select a active directory site the function will try to resolve the site of the host pc running the function. If no site info can be resolved all the domain controllers of the domain will be tested. The script is written to use .NET framework so no additional modules are needed. Due to this the script is 100% compatible to run in PowerShell workflows, PowerShell Parallel workflows, parallel run spaces or C# run spaces utilizing PowerShell. Below is a recap of the full functionality of the script and new features.

You can find the script in the technet gallery or under the script section of this site.

The Help content of the script:

Lets see the function in action from a non domain joined computer.

We call the function and use the parameters “-Domain”  and “-Cred”  to specify the domain name and that we want to use a additional credentials. In the credential part we pass the “(get-credential)” to get a interactive GUI that uses the PowerShell secure password type.

psscriptget-dc2

The function returns the 13TH-DC02.13TH.LAN domain controller. ( this forest has 2 domain controllers 13TH-DC01 and 13TH-dc02)

psscriptget-dc3

The function uses a random return of up and running domain controllers. We will demonstrate this using a while loop. The function returns DC 1 and DC2 in a random order.

psscriptget-dc2

The function has support for best response time based on a 2 time ping average by using the parameter “-bestresponsetime”.

The best response parameters ensures that a domain controller close to you will be returned. I demonstrate this by using a while loop again. As you can see it 13TH-DC02 seems to be faster than 13TH-DC01.

psscriptget-dc2

To show that the connection test works we disable the virtual nic on 13TH-DC02 and we run the command again. Although the command runs slower do to timing out on the health check only the up and running domain controller 13TH-DC01 is returned.

psscriptget-dc2

If your DC`s are spread across data centers you can use the site parameter “-Site”  to specify a Active Directory site near to you to or use -site “*”  to specify all AD sites. If the site parameter is not used the script will try to resolve the AD your client is in and if it can not resolve the site it will switch to all sites again.

The new functionality of V1.3 introduces the “-isgc” switch to support returning only Global catalogs. As most company’s these days follow the best practice of any DC is  GC I still see large forests with separated DC`s.

If you domain controllers are still running Server 2008 servers and not all of them have the ADWS role installed you can use the “-isadws” switch to find a DC with ADWS role installed.

And finally the script now also supports the return of all up and running DCs that are within the query and switch scope. These new functionality`s are demonstrated in the screenshot below.

That`s all for now enjoy this updated function and let us know what you think by posting here or on the TechNet gallery.

Cheers

Martijn ( Scriptkiddie ) van Geffen

 

Leave a Reply

Your email address will not be published. Required fields are marked *