Almost every Windows admin uses PowerShell. You can use PowerShell to perform almost any operations in the Active Directory. Active Directory PowerShell modules support four operations: create, delete, modify and collect. In this article, we will explain some of the useful PowerShell cmdlets to collect Active Directory objects counts and lists such as collecting Active Directory subnets count per Active Directory site, collecting Active Directory domains, retrieving application partition information, and getting a count of global catalog servers in an Active Directory forest.
Collecting Active Directory subnets count per Active Directory site
You may want to retrieve the number of total subnets assigned to each Active Directory site. This information is particularly useful when you need to ensure that the Active Directory site has the subnets associated properly and the count matches with what you have in your record. To collect a list of Active Directory subnets per Active Directory site, execute the below PowerShell script from an elevated PowerShell command prompt:
$TestCSVFile = “C:\Temp\ADSubnetsPerSite.CSV”
Remove-item $TestCSVFile -ErrorAction SilentlyContinue
$ThisString=”AD Site, Total Subnets”
Add-Content “$TestCSVFile” $ThisString
$CurForestName = “TechGenix.com”
$a = new-object System.DirectoryServices.ActiveDirectory.DirectoryContext(“Forest”, $CurForestName)
$Items=[System.DirectoryServices.ActiveDirectory.Forest]::GetForest($a).sites
$ItemCount=0
ForEach ($all in $Items)
{
$ItemCount++
}
$FinalText = “AD Subnets count per Site were retrieved. Please load result to see values.”
IF ($Error.count -eq 0)
{
}
else
{
$ErrorOrNot=”Yes”
}
IF ($ErrorOrNot -eq “Yes”)
{
$TestText = “Please check to make sure a Domain Controller is reachable to execute AD Test.”
$SumVal = “”
$TestStatus=”Error executing AD Test.”
}
else
{
$TestText = $FinalText
$SumVal=$ItemCount
$TestStatus=”Completed”
ForEach ($AllSites in $Items)
{
$TotSubCount=$AllSites.Subnets.Count
$ThisStr=$AllSites.Name+”,”+$TotSubCount
Add-Content “$TestCSVFile” $ThisStr
}
}
Once this PowerShell script has finished executing, you will see a report file by name “ADSubnetsPerSite.CSV” under C:\Temp folder which contains the Active Directory site name and the total number of subnets assigned to the Active Directory site as shown in the screenshot below:
Tip: In case an Active Directory site has not associated with any user subnets or if the output returns “0” for an Active Directory site, please make sure to assign at least one user subnet to the Active Directory site.
Collecting Active Directory domain count and list
To collect Active Directory domain count and list, you can use Get-ADForest PowerShell cmdlet. Note that Get-ADForest PowerShell provides useful information about an Active Directory forest including Active Directory domain. To query the total number of Active Directory domains, execute the PowerShell script below.
$TestCSVFile = “C:\Temp\DomainNameReport.CSV”
$ThisString=”Domain Name,”
Add-Content “$TestCSVFile” $ThisString
$CurForestName=”TechGenix.com”
$R=Get-ADForest $CurForestName
$Items = $R.Domains
$ItemCount=$R.Domains.Count
$TotDomNow = “Total Active Directory Domains: “+$ItemCount
Add-Content “$TestCSVFile” $TotDomNow
$SumVal=$ItemCount
ForEach ($ThisItem in $Items)
{
$FinalVal='”‘+$ThisItem+'”‘
Add-Content “$TestCSVFile” $FinalVal
}
The above script, once finished executing, collects Active Directory domain names in Active Directory forest specified in the “$CurForestName” variable and then stores the output in the “C:\Temp\DomainNameReport.CSV” file. The report also includes the total number of domains created in the Active Directory forest.
Collecting Application Partitions count and list
You may want to see a list of Application Partitions created in the Active Directory DNS server. This information is useful to ensure that only required application partitions are created. To retrieve a list of Application Partitions from Active Directory, execute PowerShell script below:
$TestCSVFile = “C:\Temp\AppPartions.CSV”
Remove-item $TestCSVFile -Error SlientlyContinue
$ThisString=”Application Partition,”
Add-Content “$TestCSVFile” $ThisString
$CurForestName=”TechGenix.com”
$R=Get-ADForest $CurForestName
$Items = $R.ApplicationPartitions
$ItemCount=$R.ApplicationPartitions.Count
$FinalText = “Application Partitions Count were retrieved. Please load result to see values.”
IF ($Error.count -eq 0)
{
}
else
{
$ErrorOrNot=”Yes”
}
IF ($ErrorOrNot -eq “Yes”)
{
$TestText = “Please check to make sure a Domain Controller is reachable to execute AD Test.”
$SumVal = “”
$TestStatus=”Error executing AD Test.”
}
else
{
$TestText = $FinalText
$SumVal=$ItemCount
$TestStatus=”Completed”
ForEach ($ThisItem in $Items)
{
$FinalVal='”‘+$ThisItem+'”‘
Add-Content “$TestCSVFile” $FinalVal
}
}
Once the above script has finished executing, a report file will be generated under “C:\Temp\AppPartitions.CSV” which contains the Application partitions created in the Active Directory Forest.
Counting Global Catalog Servers in Active Directory forest
In case you wish to know the number of Global Catalog Servers operating in an Active Directory, use Get-ADForest PowerShell cmdlet as shown in the commands below:
$CurForestName = “TechGenix.com”
$R=Get-ADForest $CurForestName
$Items = $R.GlobalCatalogs
$ItemCount=$R.GlobalCatalogs.Count
Write-Host “Number of Global Catalog Servers in $CurForestName is $ItemCount”
You can see how easy it is to collect the required information from Active Directory. All you need to know is the right PowerShell cmdlet to use.
Important: In PowerShell scripts explained in this article, you are required to change the Active Directory forest name in the “$CurForestName” variable. By default, PowerShell scripts are configured to use “TechGenix.com” as the Active Directory forest. Before using the above PowerShell scripts, please make sure to identify a computer running Windows Server 2012 R2 or later operating system, and this computer must have Active Directory PowerShell modules installed.
By using the PowerShell scripts explained in this article, you can collect information such as total number of user subnets associated per Active Directory site, total number of domains created in the Active Directory, Global Catalog Servers count and a list of Application Partitions that have been created in the DNS Server. You may want to include above PowerShell scripts in your Active Directory health procedure and execute these scripts every month or whenever you wish to.
