How to Collect Information from Domain Controllers

Recently I have needed to collect information from domain controllers to generate a pre-migration report. To perform this task, I used different tools available on Windows Server. Today, in this post, I will show you how to collect information from domain controllers using a PowerShell script and command-line tools such as DCDIAG and NLTEST.

PowerShell Workaround

Using the following script, we will obtain requested information about all domain controllers that are online in our domain.

Requirements:

  • PowerShell version 3.0 or higher.
  • PowerShell Active Directory module. To learn how to install this module, see this link.

The information collected is stored in a table and is shown at the end of the execution of the script as shown in the following screenshot.

Get-ADDomanController

If you want to know more about the Get-ADDomainController cmdlet, check out this link: https://docs.microsoft.com/en-us/powershell/module/activedirectory/get-addomaincontroller?view=winserver2012-ps

DCDIAG

The following command will display the list of services a domain controller is advertising.

Services DC

If you want to know more about dcdiag command-line tool, check out this link: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731968(v=ws.11)

NLTEST

You can also use the nltest command-line tool. By running the following command on a domain controller, you will get the following result:

Services DC

Flags

The data received from the request contains a set of indicators that describe the domain controller. This can be zero or a combination of one or more of the following values.

DS_DNS_CONTROLLER_FLAG: The DomainControllerName member is in DNS format.

DS_DNS_DOMAIN_FLAG: The DomainName member is in DNS format.

DS_DNS_FOREST_FLAG: The DnsForestName member is in DNS format.

DS_CLOSEST_FLAG: The domain controller is on the same site as the client.

DS_DS_FLAG: The domain controller is a directory service server for the domain.

DS_FULL_SECRET_DOMAIN_6_FLAG: The domain controller is a Windows 2008 or later writable domain controller.

DS_GOOD_TIMESERV_FLAG: The domain controller is running a reliable Windows Time Service for the domain.

DS_GC_FLAG: The domain controller is a global catalog server for the forest specified by DnsForestName.

DS_KDC_FLAG: The domain controller is a Kerberos Key Distribution Center for the domain.

DS_LDAP_FLAG: The server is an LDAP server.

DS_NDNC_FLAG: The Domain Name is an application (non-domain) naming context.

DS_PDC_FLAG: The domain controller is the primary domain controller of the domain.

DS_SELECT_SECRET_DOMAIN_6_FLAG: The domain controller is a Windows 2008 or later read-only domain controller.

DS_TIMESERV_FLAG: The domain controller is running the Windows Time Service for the domain.

DS_WRITABLE_FLAG: The domain controller hosts a writable directory service (or SAM).

If you want to know more about nltest command-line tool, check out this link: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc731935(v=ws.11)

Thanks for reading until the end. I hope you find this article useful and share it.