Private/GetDomainController.ps1
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 |
# Example Usage: GetDomainController -Domain $(Get-CimInstance Win32_ComputerSystem).Domain # If you don't specify -Domain, it defaults to the one you're currently on function GetDomainController { [CmdletBinding()] Param ( [Parameter(Mandatory=$False)] [String]$Domain, [Parameter(Mandatory=$False)] [switch]$UseLogonServer ) ##### BEGIN Helper Functions ##### function Parse-NLTest { [CmdletBinding()] Param ( [Parameter(Mandatory=$True)] [string]$Domain ) while ($Domain -notmatch "\.") { Write-Warning "The provided value for the -Domain parameter is not in the correct format. Please use the entire domain name (including periods)." $Domain = Read-Host -Prompt "Please enter the full domain name (including periods)" } if (![bool]$(Get-Command nltest -ErrorAction SilentlyContinue)) { Write-Error "Unable to find nltest.exe! Halting!" $global:FunctionResult = "1" return } $DomainPrefix = $($Domain -split '\.')[0] $PrimaryDomainControllerPrep = Invoke-Expression "nltest /dclist:$DomainPrefix 2>null" if (![bool]$($PrimaryDomainControllerPrep | Select-String -Pattern 'PDC')) { Write-Error "Can't find the Primary Domain Controller for domain $DomainPrefix" return } $PrimaryDomainControllerPrep = $($($PrimaryDomainControllerPrep -match 'PDC').Trim() -split ' ')[0] if ($PrimaryDomainControllerPrep -match '\\\\') { $PrimaryDomainController = $($PrimaryDomainControllerPrep -replace '\\\\','').ToLower() + ".$Domain" } else { $PrimaryDomainController = $PrimaryDomainControllerPrep.ToLower() + ".$Domain" } $PrimaryDomainController } ##### END Helper Functions ##### ##### BEGIN Variable/Parameter Transforms and PreRun Prep ##### $ComputerSystemCim = Get-CimInstance Win32_ComputerSystem $PartOfDomain = $ComputerSystemCim.PartOfDomain ##### END Variable/Parameter Transforms and PreRun Prep ##### ##### BEGIN Main Body ##### if (!$PartOfDomain -and !$Domain) { Write-Error "$env:ComputerName is NOT part of a Domain and the -Domain parameter was not used in order to specify a domain! Halting!" $global:FunctionResult = "1" return } $ThisMachinesDomain = $ComputerSystemCim.Domain # If we're in a PSSession, [system.directoryservices.activedirectory] won't work due to Double-Hop issue # So just get the LogonServer if possible if ($Host.Name -eq "ServerRemoteHost" -or $UseLogonServer) { if (!$Domain -or $Domain -eq $ThisMachinesDomain) { $Counter = 0 while ([string]::IsNullOrWhitespace($DomainControllerName) -or $Counter -le 20) { $DomainControllerName = $(Get-CimInstance win32_ntdomain).DomainControllerName if ([string]::IsNullOrWhitespace($DomainControllerName)) { Write-Warning "The win32_ntdomain CimInstance has a null value for the 'DomainControllerName' property! Trying again in 15 seconds (will try for 5 minutes total)..." Start-Sleep -Seconds 15 } $Counter++ } if ([string]::IsNullOrWhitespace($DomainControllerName)) { $IPOfDNSServerWhichIsProbablyDC = $(Resolve-DNSName $ThisMachinesDomain).IPAddress $DomainControllerFQDN = $(ResolveHost -HostNameOrIP $IPOfDNSServerWhichIsProbablyDC).FQDN } else { $LogonServer = $($DomainControllerName | Where-Object {![string]::IsNullOrWhiteSpace($_)}).Replace('\\','').Trim() $DomainControllerFQDN = $LogonServer + '.' + $RelevantSubCANetworkInfo.DomainName } [pscustomobject]@{ FoundDomainControllers = [array]$DomainControllerFQDN PrimaryDomainController = $DomainControllerFQDN } return } else { Write-Error "Unable to determine Domain Controller(s) network location due to the Double-Hop Authentication issue! Halting!" $global:FunctionResult = "1" return } } if ($Domain) { try { $Forest = [system.directoryservices.activedirectory.Forest]::GetCurrentForest() } catch { Write-Verbose "Cannot connect to current forest." } if ($ThisMachinesDomain -eq $Domain -and $Forest.Domains -contains $Domain) { [System.Collections.ArrayList]$FoundDomainControllers = $Forest.Domains | Where-Object {$_.Name -eq $Domain} | foreach {$_.DomainControllers} | foreach {$_.Name} $PrimaryDomainController = $Forest.Domains.PdcRoleOwner.Name } if ($ThisMachinesDomain -eq $Domain -and $Forest.Domains -notcontains $Domain) { try { $GetCurrentDomain = [system.directoryservices.activedirectory.domain]::GetCurrentDomain() [System.Collections.ArrayList]$FoundDomainControllers = $GetCurrentDomain | foreach {$_.DomainControllers} | foreach {$_.Name} $PrimaryDomainController = $GetCurrentDomain.PdcRoleOwner.Name } catch { try { Write-Warning "Only able to report the Primary Domain Controller for $Domain! Other Domain Controllers most likely exist!" Write-Warning "For a more complete list, try running this function on a machine that is part of the domain $Domain!" $PrimaryDomainController = Parse-NLTest -Domain $Domain [System.Collections.ArrayList]$FoundDomainControllers = @($PrimaryDomainController) } catch { Write-Error $_ $global:FunctionResult = "1" return } } } if ($ThisMachinesDomain -ne $Domain -and $Forest.Domains -contains $Domain) { [System.Collections.ArrayList]$FoundDomainControllers = $Forest.Domains | foreach {$_.DomainControllers} | foreach {$_.Name} $PrimaryDomainController = $Forest.Domains.PdcRoleOwner.Name } if ($ThisMachinesDomain -ne $Domain -and $Forest.Domains -notcontains $Domain) { try { Write-Warning "Only able to report the Primary Domain Controller for $Domain! Other Domain Controllers most likely exist!" Write-Warning "For a more complete list, try running this function on a machine that is part of the domain $Domain!" $PrimaryDomainController = Parse-NLTest -Domain $Domain [System.Collections.ArrayList]$FoundDomainControllers = @($PrimaryDomainController) } catch { Write-Error $_ $global:FunctionResult = "1" return } } } else { try { $Forest = [system.directoryservices.activedirectory.Forest]::GetCurrentForest() [System.Collections.ArrayList]$FoundDomainControllers = $Forest.Domains | foreach {$_.DomainControllers} | foreach {$_.Name} $PrimaryDomainController = $Forest.Domains.PdcRoleOwner.Name } catch { Write-Verbose "Cannot connect to current forest." try { $GetCurrentDomain = [system.directoryservices.activedirectory.domain]::GetCurrentDomain() [System.Collections.ArrayList]$FoundDomainControllers = $GetCurrentDomain | foreach {$_.DomainControllers} | foreach {$_.Name} $PrimaryDomainController = $GetCurrentDomain.PdcRoleOwner.Name } catch { $Domain = $ThisMachinesDomain try { $CurrentUser = "$(whoami)" Write-Warning "Only able to report the Primary Domain Controller for the domain that $env:ComputerName is joined to (i.e. $Domain)! Other Domain Controllers most likely exist!" Write-Host "For a more complete list, try one of the following:" -ForegroundColor Yellow if ($($CurrentUser -split '\\') -eq $env:ComputerName) { Write-Host "- Try logging into $env:ComputerName with a domain account (as opposed to the current local account $CurrentUser" -ForegroundColor Yellow } Write-Host "- Try using the -Domain parameter" -ForegroundColor Yellow Write-Host "- Run this function on a computer that is joined to the Domain you are interested in" -ForegroundColor Yellow $PrimaryDomainController = Parse-NLTest -Domain $Domain [System.Collections.ArrayList]$FoundDomainControllers = @($PrimaryDomainController) } catch { Write-Error $_ $global:FunctionResult = "1" return } } } } [pscustomobject]@{ FoundDomainControllers = $FoundDomainControllers PrimaryDomainController = $PrimaryDomainController } ##### END Main Body ##### } |