Author Posts

November 3, 2017 at 2:34 pm

I am a gnats hair above a beginner in PS. I want to inventory all devices inside an AD Forest. I have 4 domains inside the forest. I was able to return the current domain with ease using this script:

Get-ADComputer -Filter * | Out-File $OutputFile

Is there a way to run a script that grabs all four domains, or do I need to perform 4 searches, one in each domain? Any help is appreciated

Thanks

November 3, 2017 at 3:22 pm

You'll have to do each domain one at a time. The easiest was would be to map a new PSDrive to each of the four domains, using the Active Directory PSProvider. Then you can change to each “drive” and run the same command. The AD commands all target, by default, whatever domain “drive” you're in at the time.

November 3, 2017 at 8:09 pm

Or just use the example shown here as your starting point:

'blogs.msdn.microsoft.com/rslaten/2013/11/25/get-counts-of-all-operating-systems-in-a-forest-per-domain'

.. and tweak as needed.

Yet, that one is a bit long... since you qualified your PoSH experience as you have. Maybe this will work for you. Well, along with the approach Don suggested to make it easier for you to hang your hat on...

Clear-Host
# Get the forest information
($ADForestInfo = (Get-ADForest))

ApplicationPartitions : {DC=DomainDnsZones,DC=contoso,DC=com, DC=ForestDnsZones,DC=contoso,DC=com}
CrossForestReferences : {}
DomainNamingMaster : DC01.contoso.com
Domains : {contoso.com}
ForestMode : Windows2012R2Forest
GlobalCatalogs : {DC01.contoso.com}
Name : contoso.com
PartitionsContainer : CN=Partitions,CN=Configuration,DC=contoso,DC=com
RootDomain : contoso.com
SchemaMaster : DC01.contoso.com
Sites : {Default-First-Site-Name}
SPNSuffixes : {}
UPNSuffixes : {}

# Get data points from all computers in each domain found
# Display formatted to the screen

# Get data points from all computers in each domain found
ForEach ($Domain in (Get-ADForest).Domains)
{
"#"*40
"`n********* Working on $Domain *********"
'Using distinguished name: ' + ($DomainSearchDN = 'DC=' + $Domain.Split('.')[0] + ',' + 'DC=' + $Domain.Split('.')[1])
"`n"
"#"*40
(Get-ADComputer -Filter * -Properties * -SearchBase $DomainSearchDN -Server $Domain) `
| Select Name,SamAccountName,DNSHostName,SID,IPv4Address,
OperatingSystem,OperatingSystemVersion,OperatingSystemServicePack,OperatingSystemHotfix,
userAccountControl,PasswordExpired,PasswordLastSet,
whenCreated,whenChanged,
ServicePrincipalNames
}

November 9, 2017 at 3:05 pm

Thank you Don. I was able to get all of the domains to report their devices under AD control. Now I am hearing that there are some XP machines outside of the domain but I dont know where they could be, kinda like a needle in a haystack. Any thoughts on how I can accomplish this.

November 9, 2017 at 4:09 pm

Since the XP machines are outside domain you will not have access. Either look in DHCP server or you will need network sniffer to figure out live XP desktops out there.