How do I determine total number of Active Directory Forests in an enterprise

Question

I heard that theoretically we could port scan global network for TCP 3268 i.e identifying all Global Catalog Domain Controllers(DCs). So my questions are:

How identifying Global Catalog servers is correlated with total number of Active Directory Forests in an enterprise? How do I tell total number of forests by identifying all Global Catalog servers? Please elaborate this method.
Is there any alternative/automated/practical way to answer this question without checking network documentation and AD design documents or interviewing?

Kindly answer with explanation specific to above mentioned questions.

hidmov · Answer

Hi G-ONE&nbsp;&nbsp;Would something like the below script be of help?&nbsp;https://gallery.technet.microsoft.com/scriptcenter/Forest-and-Domain-6060a979#content&nbsp;&nbsp;

g-one · Answer

HidMov&nbsp;In my question, I am not asking about&nbsp;to determine functional level of the Active Directory forest and all domains in the forest. OR FSMO role holders, all sites, and and all Global Catalog servers in the forest.&nbsp;Please understand my original question clearly and then answer specifically.

hidmov · Answer

G-ONE&nbsp;Apologies - I would have thought that determining discrete forests through an automated script would help. Best of luck with it.

Forum Discussion

How do I determine total number of Active Directory Forests in an enterprise

Share

Resources