Sep 17 2020 11:32 AM
I heard that theoretically we could port scan global network for TCP 3268 i.e identifying all Global Catalog Domain Controllers(DCs). So my questions are:
How identifying Global Catalog servers is correlated with total number of Active Directory Forests in an enterprise? How do I tell total number of forests by identifying all Global Catalog servers? Please elaborate this method.
Is there any alternative/automated/practical way to answer this question without checking network documentation and AD design documents or interviewing?
Kindly answer with explanation specific to above mentioned questions.
Sep 17 2020 12:46 PM
Hi @G-ONE
Would something like the below script be of help?
https://gallery.technet.microsoft.com/scriptcenter/Forest-and-Domain-6060a979#content
Sep 18 2020 03:35 AM
@HidMov In my question, I am not asking about to determine functional level of the Active Directory forest and all domains in the forest. OR FSMO role holders, all sites, and and all Global Catalog servers in the forest.
Please understand my original question clearly and then answer specifically.
Sep 18 2020 04:06 AM
@G-ONE Apologies - I would have thought that determining discrete forests through an automated script would help. Best of luck with it.