Powershell - Domain Distinguished Name
The two lines below allow you to use the LDAP "RootDSE" object to dynamically access the root of an Active Directory (AD) domain, from a domain member. The defaultNamingContext
attribute on the RootDSE object contains the full distinguished name of the AD domain.$RootDSE = [adsi]"LDAP://RootDSE"
$DomainRoot = [adsi]"$($RootDSE.DefaultNamingContext)"
Now that you have a reference to the domain root in the $DomainRoot variable, you can perform any operations you need to from that point. For example, to enumerate the children of the domain root, simply type the following at your interactive Powershell command prompt:$DomainRoot.psbase.Children