Categories

Get the domain distinguished name

A comment on my post about finding domain controllers

http://msmvps.com/blogs/richardsiddaway/archive/2012/01/21/1805130.aspx

asked about finding the OU as its always seemed to be hard coded into these scripts.

The reason for the hard coding is to keep down  the script size so that its easier to absorb and we are only concentrating on the working bits of the script. 

Creating some of the OUs in scripts is very possible – but only the ones you know about. For instance all domains have:

  • a Domain Controllers OU
  • a Users container
  • a Computers container

Some of my examples have an England OU – which you might not have. Or you might nested OUs.

We can look at getting the distinguished name of the  Domain  Controllers OU an example

if (-not (Get-Module ActiveDirectory)){            
  Import-Module ActiveDirectory            
}            
            
"`nMicrosoft"            
$domdn = Get-ADDomain | select -ExpandProperty DistinguishedName            
$domdn            
$dcOU = Get-ADDomain | select -ExpandProperty DomainControllersContainer            
$dcOU            
            
"`nAD provider"            
$dom = Get-ChildItem -Path Ad:\ | where {$_.Name -eq "Configuration"}            
$domdn = ($dom.DistinguishedName -split "," ,2)[1]            
$domdn             
            
$dcOU = "OU=Domain Controllers,$domdn"            
$dcOU            
            
"`nQuest"            
$domdn = Get-QADRootDSE | select -ExpandProperty RootDomainNamingContext            
$domdn             
            
$dcOU = "OU=Domain Controllers,$domdn"            
$dcOU            
            
"`nScript"            
$domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()            
$domdn = $domain.GetDirectoryEntry() | select -ExpandProperty DistinguishedName            
$domdn             
            
$dcOU = "OU=Domain Controllers,$domdn"            
$dcOU


I get results like this



Microsoft
DC=Manticore,DC=org
OU=Domain Controllers,DC=Manticore,DC=org



AD provider
DC=Manticore,DC=org
OU=Domain Controllers,DC=Manticore,DC=org



Quest
DC=Manticore,DC=org
OU=Domain Controllers,DC=Manticore,DC=org



Script
DC=Manticore,DC=org
OU=Domain Controllers,DC=Manticore,DC=org



 



The important part is how we get the root of the domain.  Each of the techniques is different but we get to the same result.



You do this as alternative for the script method



$dom = [adsi]""
$domdn = $dom.distinguishedName



$dcOU = “OU=Domain Controllers,$domdn”

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>