How do I determine total number of Active Directory Forests in an enterprise

Copper Contributor

I heard that theoretically we could port scan global network for TCP 3268 i.e identifying all Global Catalog Domain Controllers(DCs). So my questions are:

  1. How identifying Global Catalog servers is correlated with total number of Active Directory Forests in an enterprise? How do I tell total number of forests by identifying all Global Catalog servers? Please elaborate this method.

  2. Is there any alternative/automated/practical way to answer this question without checking network documentation and AD design documents or interviewing?

Kindly answer with explanation specific to above mentioned questions.

3 Replies

@HidMov In my question, I am not asking about to determine functional level of the Active Directory forest and all domains in the forest. OR FSMO role holders, all sites, and and all Global Catalog servers in the forest.

 

Please understand my original question clearly and then answer specifically.

@G-ONE Apologies - I would have thought that determining discrete forests through an automated script would help. Best of luck with it.