FSMO roles report from PowerShell

Today I want to share with you my script to gather an FSMO roles report from PowerShell.

Many times, when I was managing big Active Directory environments, I wanted to find the domain controller holding a specific FSMO role. Of course I could go to the Active Directory snap-ins and check it manually, but why do it for one server if I can gather all FSMO roles from the whole AD forest?

At the beginning of the script I’ve added a function to create each row of the report.
In the next step I took all domains from the forest, checked the forest roles (Schema and Domain Naming Master) via one command, and added them to the FSMO roles array.

$ADForest = Get-ADForest | select DomainNamingMaster, SchemaMaster, Domains, Name

From the ADForest variable I chose the Domains attribute, which contains all forest domains.
For each of them I used the command below to check the domain roles and add them to the FSMO array.

$DomainFSMO = Get-ADDomain -Identity $Domain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator

Final script

# Builds one report row: role level, role type, role holder and domain.
function Add-ArrayRow{
   param
   (
   [Parameter(Position=0, Mandatory = $true, HelpMessage="Role level")]
   $RoleLevel,
   [Parameter(Position=1, Mandatory = $true, HelpMessage="Role type")]
   $RoleType,
   [Parameter(Position=2, Mandatory = $true, HelpMessage="Server name")]
   $ServerName,
   [Parameter(Position=3, Mandatory = $true, HelpMessage="Domain")]
   $Domain
   )

   $Object = New-Object PSCustomObject
   $Object | Add-Member -MemberType NoteProperty -Name "RoleLevel" -Value $RoleLevel
   $Object | Add-Member -MemberType NoteProperty -Name "RoleType" -Value $RoleType
   $Object | Add-Member -MemberType NoteProperty -Name "ServerName" -Value $ServerName
   $Object | Add-Member -MemberType NoteProperty -Name "Domain" -Value $Domain
    return $Object
}
 
Import-Module ActiveDirectory
$FSMOReport = @()
# Forest-wide roles and the list of domains come from a single query.
$ADForest = Get-ADForest | select DomainNamingMaster, SchemaMaster, Domains, Name
$Domains = $ADForest.Domains
Write-Host "Forest $($ADForest.Name) roles...."
$FSMOObject = Add-ArrayRow -RoleLevel Forest -RoleType "Schema Master" -ServerName $ADForest.SchemaMaster -Domain $ADForest.Name
$FSMOReport += $FSMOObject
$FSMOObject = Add-ArrayRow -RoleLevel Forest -RoleType "Domain Naming Master" -ServerName $ADForest.DomainNamingMaster -Domain $ADForest.Name
$FSMOReport += $FSMOObject
foreach($Domain in $Domains)
{
   Write-Host "Processing domain roles $Domain..."
   $DomainFSMO = Get-ADDomain -Identity $Domain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator
   $FSMOObject = Add-ArrayRow -RoleLevel Domain -RoleType "Infrastructure Master" -ServerName $DomainFSMO.InfrastructureMaster -Domain $Domain
   $FSMOReport += $FSMOObject
   $FSMOObject = Add-ArrayRow -RoleLevel Domain -RoleType "RID Master" -ServerName $DomainFSMO.RIDMaster -Domain $Domain
   $FSMOReport += $FSMOObject
   $FSMOObject = Add-ArrayRow -RoleLevel Domain -RoleType "PDC Emulator" -ServerName $DomainFSMO.PDCEmulator -Domain $Domain
   $FSMOReport += $FSMOObject
}
# Replace <directory> with the folder the report should be written to.
$FSMOReport | Export-Csv "<directory>\FSMOReport.csv" -NoTypeInformation
Write-Host "Script completed"

At the end of the script there is an additional line which exports your FSMO roles to a CSV file.
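
Because the report is a plain CSV, two runs can be compared to spot a role that moved to another domain controller (a transfer or seizure) or a role that is no longer reported. The following is an added example, not part of the original script; the function name Compare-FsmoReport, the status labels and the sample host and domain names are assumptions made for illustration.

```powershell
# Added example (not from the original script): diff two FSMO reports.
function Compare-FsmoReport {
    param(
        [Parameter(Mandatory = $true)] [object[]] $Baseline,
        [Parameter(Mandatory = $true)] [object[]] $Current
    )
    # Index the baseline by domain and role; @{} keys are case-insensitive.
    $known = @{}
    foreach ($row in $Baseline) { $known["$($row.Domain)|$($row.RoleType)"] = $row.ServerName }

    $seen = @{}
    foreach ($row in $Current) {
        $key = "$($row.Domain)|$($row.RoleType)"
        $seen[$key] = $true
        if (-not $known.ContainsKey($key)) { $status = 'NewRole'; $old = $null }
        elseif ($known[$key] -ne $row.ServerName) { $status = 'HolderChanged'; $old = $known[$key] }
        else { continue }   # same holder as in the baseline, nothing to report
        [PSCustomObject]@{ Status = $status; Domain = $row.Domain; RoleType = $row.RoleType
                           PreviousHolder = $old; CurrentHolder = $row.ServerName }
    }
    # Roles present in the baseline but absent now (domain removed or query failed).
    foreach ($row in $Baseline) {
        $key = "$($row.Domain)|$($row.RoleType)"
        if (-not $seen.ContainsKey($key)) {
            [PSCustomObject]@{ Status = 'MissingRole'; Domain = $row.Domain; RoleType = $row.RoleType
                               PreviousHolder = $row.ServerName; CurrentHolder = $null }
        }
    }
}

# Constructed sample data with the same columns as FSMOReport.csv.
$baseline = @'
RoleLevel,RoleType,ServerName,Domain
Forest,Schema Master,dc01.corp.example,corp.example
Domain,PDC Emulator,dc01.corp.example,corp.example
Domain,RID Master,dc02.corp.example,corp.example
'@ | ConvertFrom-Csv

$current = @'
RoleLevel,RoleType,ServerName,Domain
Forest,Schema Master,dc01.corp.example,corp.example
Domain,PDC Emulator,dc09.corp.example,corp.example
'@ | ConvertFrom-Csv

# With real files, pass (Import-Csv <path>) for each report instead.
Compare-FsmoReport -Baseline $baseline -Current $current | Format-Table -AutoSize
```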

I hope that it will be useful for some of you 🙂
Enjoy!
