Domain
On Windows:
It is possible to use PowerView :
# Import PowerView
. .\PowerView.ps1
# Get domain name
Get-NetDomain
# Enumeration of the domain test.local
Get-NetDomain -Domain test.localActive Directory Module for Windows PowerShell is a PowerShell module that bundles a group of cmdlets.
# Importe DLL without installing RSAT module and without admin right
Import-Module .\Microsoft.ActiveDirectory.Management.dll
# Import module
Import-Module .\ActiveDirectory\ActiveDirectory.psd1
# Find the domain
Get-ADDomain
# Enumerate domain test.local
Get-ADDomain -Identity test.localActive Directory Service Interfaces (ADSI) are a set of COM interfaces used to access directory services features from different network vendors.
Administrators and developers can use ADSI Services to enumerate and manage resources in a directory service, regardless of the network environment that contains the resource.
$ADClass [System.DirectoryServices.ActiveDirectory.Domain]
$ADClass::GetCurrentDomain()Nltest is a command-line tool for performing network administration tasks. It is integrated with Windows Server 2008 and Windows Server 2008 R2. It is available if you have installed the AD-DS or AD-LDS server role. It is also available if you have installed the Active Directory Domain Services Tools which are part of the Remote Server Administration Tools (RSAT).
# Find domain
nltest /sc_query:<DOMAIN>
# Enumerate domain controllers
nltest /dclist:<DOMAIN> To find the server on which you are authenticated if your machine is enrolled in the domain:
echo %logonserver% Warning: the logon server variable is updated each time a machine is started.
Last updated