Windows Server Hack [Electronic resources]

Mitch Tulloch


Hack 22 Display Active Directory Information

Here are five sample scripts that can be used to display information about computers, domains, sites, and trusts in Active Directory.

Scripts are a quick way to drill down into Active Directory to display information you'd otherwise have to hunt for using the GUI. These five sample scripts can be used by themselves or as starting points for developing more sophisticated scripts. Just type them into Notepad (with Word Wrap turned off) and save them with a .vbs extension. Then, type cscript.exe scriptname.vbs to run them from a command prompt. Enjoy!

List All Computers in the Domain

The following VBScript retrieves a list of all computers in a given domain (or Active Directory container). Replace Domain with your company's NT/2000 domain name or Active Directory container, and the script displays the list of registered computers:

Dim Container
Dim ContainerName
Dim Computer
' Replace "Domain" with your domain or container name.
ContainerName = "Domain"
Set Container = GetObject("WinNT://" & ContainerName)
' Enumerate only objects of class Computer.
Container.Filter = Array("Computer")
For Each Computer in Container
    ' WScript.Echo prints one name per line when run under cscript.exe.
    WScript.Echo Computer.Name
Next

Get a List of All Domains

This VBScript enumerates and lists all domains:

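Dim NameSpace
Dim Domain
' The root of the WinNT provider namespace contains the visible domains.
Set NameSpace = GetObject("WinNT:")
For Each Domain in NameSpace
    ' WScript.Echo prints one name per line when run under cscript.exe.
    WScript.Echo Domain.Name
Next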

Get AD Site

This VBScript retrieves the name of the site to which the computer is assigned:

Set WshShell = WScript.CreateObject("WScript.Shell")
On Error Resume Next
' Default that remains in place if neither registry value can be read.
Site = "Not Assigned"
' Try the SiteName value first.
Site = WshShell.RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\" & _
    "Services\Netlogon\Parameters\SiteName")
' -2147024894 (0x80070002) means the value was not found; fall back to DynamicSiteName.
If Err.Number = -2147024894 Then
    Site = WshShell.RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\" & _
        "Services\Netlogon\Parameters\DynamicSiteName")
End If
If Site = "Not Assigned" Then
    WScript.Echo "This computer is not assigned to an Active Directory site."
Else
    WScript.Echo "This computer is assigned to Active Directory site: " & Site
End If

Find a DC in a Site

Use this VBScript to verify that a specific domain controller (DC) exists in a site. Just replace the items in double quotes in the first two lines with your values:

strDcName = "DCName"
strSiteName = "SiteName"
Set objADSysInfo = CreateObject("ADSystemInfo")
' Ask the directory which site the named DC belongs to.
strDcSiteName = objADSysInfo.GetDCSiteName(strDcName)
' Compare case-insensitively.
If UCase(strSiteName) = UCase(strDcSiteName) Then
    WScript.Echo "TRUE: " & strDcName & " is in site " & strSiteName
Else
    WScript.Echo "FALSE: " & strDcName & " is NOT in site " & strSiteName
End If

List Trust Relationships

Use this script to enumerate the trust relationships for your domain and display the results:

' "." means the local computer.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & _
    strComputer & "\root\MicrosoftActiveDirectory")
Set colTrustList = objWMIService.ExecQuery _
    ("Select * from Microsoft_DomainTrustStatus")
' Print the properties of each trust, one per line.
For Each objTrust in colTrustList
    WScript.Echo objTrust.TrustedDomain
    WScript.Echo objTrust.TrustDirection
    WScript.Echo objTrust.TrustType
    WScript.Echo objTrust.TrustAttributes
    WScript.Echo objTrust.TrustedDCName
    WScript.Echo objTrust.TrustStatus
    WScript.Echo objTrust.TrustIsOK
Next

Rod Trent
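
The trust-listing script above prints TrustDirection, TrustType, and TrustAttributes as bare numbers, which are hard to review when auditing trusts. The following is an added example, not part of the book: it decodes those numbers using the value meanings documented for the Microsoft_DomainTrustStatus WMI class and marks any trust whose TrustIsOK is false. It assumes it runs on a domain controller that exposes the root\MicrosoftActiveDirectory namespace; elsewhere it falls back to two constructed sample rows (the example.test names and the helper names are hypothetical).

```vbscript
Option Explicit
' Added example (not from the book): decode Microsoft_DomainTrustStatus fields.
Function DirectionName(n)
    Select Case n
        Case 1: DirectionName = "Inbound"
        Case 2: DirectionName = "Outbound"
        Case 3: DirectionName = "Bidirectional"
        Case Else: DirectionName = "Unknown (" & n & ")"
    End Select
End Function
Function TrustTypeName(n)
    Select Case n
        Case 1: TrustTypeName = "Downlevel"
        Case 2: TrustTypeName = "Uplevel"
        Case 3: TrustTypeName = "Realm"
        Case 4: TrustTypeName = "DCE"
        Case Else: TrustTypeName = "Unknown (" & n & ")"
    End Select
End Function
' TrustAttributes is a bit mask, so each flag is tested separately.
Function AttributeNames(n)
    Dim s : s = ""
    If (n And &H1) <> 0 Then s = s & "non-transitive "
    If (n And &H2) <> 0 Then s = s & "uplevel-clients-only "
    If (n And &H40000) <> 0 Then s = s & "tree-parent "
    If (n And &H80000) <> 0 Then s = s & "tree-root "
    If s = "" Then s = "none "
    AttributeNames = Trim(s) & " (0x" & Hex(n) & ")"
End Function
' Print one readable line per trust and make failed trusts stand out.
Sub Report(domain, direction, trustType, attrs, isOK)
    Dim state
    If isOK Then state = "OK" Else state = "FAILED - investigate"
    WScript.Echo domain & ": " & DirectionName(direction) & ", " & _
        TrustTypeName(trustType) & ", attributes: " & AttributeNames(attrs) & _
        ", status: " & state
End Sub

Dim objWMIService, objTrust
On Error Resume Next
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\MicrosoftActiveDirectory")
If Err.Number = 0 Then
    On Error GoTo 0
    For Each objTrust In objWMIService.ExecQuery("Select * from Microsoft_DomainTrustStatus")
        Report objTrust.TrustedDomain, objTrust.TrustDirection, objTrust.TrustType, objTrust.TrustAttributes, objTrust.TrustIsOK
    Next
Else
    On Error GoTo 0
    Report "child.example.test", 3, 2, &H40000, True   ' constructed sample row
    Report "legacy.example.test", 2, 1, &H1, False     ' constructed sample row
End If
```

Run it with cscript.exe like the other scripts; redirecting the output to a file gives a snapshot that can be compared between audits.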