Active Directory sites should be related to consumer subnets. Your first activity after putting in a brand new Active Directory web page is to make sure you outline the consumer subnets after which affiliate the consumer subnets with the Active Directory web page. If you fail to affiliate consumer subnets with Active Directory sites, Active Directory shoppers similar to Windows shopper computer systems and Active Directory packages might select a far flung area controller for authentication, which, in flip, might motive needless Active Directory authentication visitors. You would all the time need to make certain that the Active Directory shoppers make a choice an area area controller for authentication.
In a big Active Directory surroundings, you’ll have a number of groups liable for managing Active Directory surroundings. For instance, you’ll have an IT crew this is liable for managing customers, computer systems, subnets, and logical Active Directory sites for a selected location in Dallas. Similarly, you’ll have a crew this is liable for managing Active Directory gadgets in a consumer location positioned in Denver. While IT groups may observe a process that explains the important steps to create a web page defining consumer subnets and associating consumer subnets with AD sites, it is vital to run a test each month to verify consumer subnets are related to AD sites accurately. This is the place this text comes to hand. The article supplies a easy PowerShell script that you’ll use to gather a listing of empty Active Directory sites that aren’t related to any consumer subnets.
Requirements for accumulating empty Active Directory sites
Before you’ll run the script, please be sure to run the script from a Windows Server 2012 R2 member server or area controller that has Active Directory PowerShell modules put in. Make positive to create a folder via title “C:Temp” at the pc from which you’ll run the script and a transformation the “$CurForestName” variable to the Active Directory woodland towards which you need to execute the script. Once you may have met the above necessities, replica the under script in a PS1 document and execute it from an increased PowerShell window.
Remove-item $TestCSVFile -ErrorMotion SilentlyContinue
$ThisString=”No Subnets in Active Directory Site, Site Location, Final Status”
Add-Content “$TestCSVFile” $ThisString
$a = new-object System.DirectoryProducts and services.ActiveDirectory.DirectoryContext(“Forest”, $CurForestName)
IF ($Error.depend -eq zero)
ForEach and every ($Site in $ADSites)
IF ($ErrorOrNot -eq “Yes”)
$STR = $ADTestName +”,”+$TestStartTime+”,”+$TestStatus+”,”+$SumVal +”,”+$TestTextual content
Once you may have completed executing the script, a file will likely be generated that can comprise simplest the title of empty Active Directory sites that shouldn’t have a consumer subnet related to it. This could also be proven within the screenshot under.
The PowerShell script assessments all Active Directory sites within the Active Directory woodland specified within the “$CurForestName” variable after which assessments the worth of $SiteSubnets variable. If the $SiteSubnets variable is $NULL or does no longer comprise any worth, that individual web page does no longer have any consumer subnets related to it. As you’ll see within the output above, the script discovered 5 empty Active Directory sites (SiteA, SiteB, SiteC, SiteD, and SiteE) that shouldn’t have any consumer subnets related to it. The script additionally supplies the Site Location so it’s more uncomplicated so that you can touch the crew this is liable for managing that individual consumer location.
This script is a part of PowerShell-based Dynamic Packs that ships with the Active Directory Health Profiler, which you’ll use to accomplish a whole well being test of an Active Directory woodland. There are 99 well being assessments integrated within the AD Health Profiler.
By using the PowerShell script supplied on this article, you’ll gather a listing of empty Active Directory sites that aren’t related to any consumer subnets. You can come with this script on your day by day Active Directory well being process and feature it run each month to verify the Active Directory Forest does no longer comprise any AD sites with out consumer subnets.