Identifying all Forests on the Network

Hi,

Is there a way to return all the forests on your network? I need to be able to get the collection of forests and then get all domains on each forest for some automation that I am trying to write.

Appreciate the assistance.

Cheers!

  • Listing all the domains in a forest can be accomplished using the following one-liner:

    Get-ADForest | Select-Object -Property Domains

    This does not, however, list all the forests on your network. What you could do is see if there are any forest trust relationships and from there discover the domains in the trusted forests. You need some form of authentication to be able to discover which domains are available in forests outside of your current forest, either a trust or credentials.

  • PS C:\Windows> ([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() ).GetAllTrustRelationships()

    PS C:\Windows> ([System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).GetAllTrustRelationships()
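
Combining the two answers above, as an added example that is not part of either post: start from the current forest, follow its forest trusts one hop, and list the domains of every forest reached that way. It assumes a domain-joined machine and the current user's credentials; forests with no trust to the current forest are not discovered, and the variable names are illustrative.

```powershell
# Added example: inventory of forests reachable through forest trusts, with their domains.
$adNs    = 'System.DirectoryServices.ActiveDirectory'
$current = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()

# Seed the list with the current forest, then add the far side of each forest trust.
$forests = @([pscustomobject]@{ Name = $current.Name; Via = 'current forest'; Direction = $null })
foreach ($trust in $current.GetAllTrustRelationships()) {
    $forests += [pscustomobject]@{
        Name      = $trust.TargetName          # DNS name of the trusted/trusting forest
        Via       = "trust from $($trust.SourceName)"
        Direction = $trust.TrustDirection      # Inbound, Outbound or Bidirectional
    }
}

$inventory = foreach ($f in $forests) {
    try {
        # Bind to the forest by name using the caller's own credentials.
        $ctx    = New-Object "$adNs.DirectoryContext" ('Forest', $f.Name)
        $forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetForest($ctx)

        foreach ($domain in $forest.Domains) {
            [pscustomobject]@{
                Forest    = $forest.Name
                Domain    = $domain.Name
                Via       = $f.Via
                Direction = $f.Direction
                Error     = $null
            }
        }
    }
    catch {
        # The lookup fails when the current credentials cannot authenticate to,
        # or reach, that forest. Record it instead of stopping the inventory.
        [pscustomobject]@{
            Forest    = $f.Name
            Domain    = $null
            Via       = $f.Via
            Direction = $f.Direction
            Error     = $_.Exception.Message
        }
    }
}

$inventory | Sort-Object Forest, Domain | Format-Table -AutoSize
```

Rows with a populated Error column mark forests that are known through a trust but could not be queried with the current credentials.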