3

This self-answered question addresses the following scenario:

How can I write a PowerShell script to check if a computer is a domain controller or not?

Improve this question

3 Answers 3

Reset to default
2

Yes, if you need to check a list then that's fine, but if all you need is a list of DCs, then more efficient to get this directly.

$DomainName = 'MyDomain'

$DomDetail = Get-ADDomain -Identity $DomainName
$DCDetail = Get-ADDomainController -Server $DomDetail.PDCEmulator -Filter *
[pscustomobject]@{Name = $DomDetail.NetBIOSName;FQDN = $DomDetail.DNSRoot;PDC = $DomDetail.PDCEmulator;MemberDCs = $DCDetail}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

The Win32_OperatingSystem WMI class property ProductType will tell you if the computer is a workstation, domain controller or server:

ProductType

Data type: uint32

Access type: Read-only

Additional system information.

Work Station (1)

Domain Controller (2)

Server (3)


PowerShell Script:

$productType = (Get-CimInstance -ClassName Win32_OperatingSystem).ProductType
$cn = $env:COMPUTERNAME

switch ($productType)
{
    1 {"'$cn' is a workstation."; break}
    2 {"'$cn' is a domain controller."; break}
    3 {"'$cn' is a server."; break}
}
Improve this answer

Comments

-2

The code below can be run on Windows PowerShell. It will take an input list of computers called computers.csv and loop around them to check if it is a domain controller or not and then output the result into check_for_domain_controller.csv

$listofcomputers = Import-CSV -Path "C:\computers_list.csv"

foreach ($computerobject in $listofcomputers)
{
    $computername = $computerobject.Name
    Get-DomainRole -Computername $computername | 
    Export-csv -Path "C:\check_for_domain_controller.csv" -Append -NoTypeInformation
}

Input (computers.csv)

Name  
DC1  
DC2  
DC3  
DC4  
PC1  
PC2

Output (check_for_domain_controller.csv)

"Computer","IPAddress","PCType","DomainRole"  
"DC1","10.10.10.1","Desktop","Domain controller"  
"DC2","110.10.10.2","Desktop","Domain controller"  
"DC3","10.10.10.3","Desktop","Domain controller"  
"DC4","10.10.10.4","Desktop","Domain controller"  
"PC1","10.10.10.5","Desktop","Member server"  
"PC2","10.10.10.6","Desktop","Member server"
Improve this answer

5 Comments

Thanks for sharing. Can you clarify where Get-DomainRole comes from? It doesn't appear to be part of the ActiveDirectory module. Also, it's better to use a single pipeline that you can pipe to a single Export-Csv call, which is not only more efficient, but saves you from having to ensure that the target file doesn't already exist.=: (Import-CSV -Path "C:\computers_list.csv").Name | ForEach { Get-DomainRole -ComputerName $_ } | Export-csv -Path "C:\check_for_domain_controller.csv" -NoTypeInformation
Where does Get-DomainRole come from? See below - there's easy ways to get current domain controller using the common ActiveDirectory module
The Get-DomainRole is run on a Domain Controller specifically for computers that are joined to it's domain
Thanks, but what I'm asking is where you get that command from? Given that it doesn't appear to be a standard cmdlet, does it come with a third-party module you installed, did you get it from a GitHub project or a Gist, or ...?
github.com/VernAnderson/PowerShell/blob/master/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.