Set all AD related commands to use a special kind of server

By default, the Active Directory related commands search for the best domain controller.

This is great, but by default, I want them to make use of the closest one.

function Set-ADServerUsage
{
    <#
            .SYNOPSIS
          Set all Active Directory related commands to use a special kind of server

            .DESCRIPTION
          By default the Active Directory related commands search for a DC. By default I want to make
          use of the closest one. When I make BULK operations, I would like to use the Server with
          the PDC role. This becomes handy often!

            .PARAMETER pdc
          Use the Active Directory Server that holds the PDC role.

            .EXAMPLE
          # Use the closest Server
          PS> Set-ADServerUsage

            .EXAMPLE
          # Use the Server with the PDC role
          PS> Set-ADServerUsage -pdc

            .EXAMPLE
          # When it comes to scripts that do bulk operations, especially bulk loads and manipulation,
          # I use the following within the Script:
          if (Get-Command Set-ADServerUsage -ErrorAction SilentlyContinue)
          {
          Set-ADServerUsage -pdc
          }

            .NOTES
          I use this helper function in my PROFILE. Therefore, some things are a bit special.
          Who wants an error message every time a window opens under normal circumstances?

          Author: Joerg Hochwald - http://jhochwald.com
          This script is public domain!
  #>

	param
	(
		[Parameter(ValueFromPipeline = $true,
					  ValueFromPipelineByPropertyName = $true,
					  Position = 1)]
		[switch]
		$pdc
	)

	begin
	{
		# Defaults
		$SC = 'SilentlyContinue'

		# Cleanup
		$dc = $null
	}

	process
	{
        <#
              The following would do the trick:
              #requires -Modules ActiveDirectory
              But I don't want any error messages, so I decided to use this old-school way to figure
              out if we are capable of doing what I want.
      #>
		if ((Get-Command Get-ADDomain -ErrorAction $SC) -and (Get-Command Get-ADDomainController -ErrorAction $SC))
		{
			if ($pdc)
			{
				# Use the PDC instead
				$dc = ((Get-ADDomain -ErrorAction $SC -WarningAction $SC).PDCEmulator)
			}
			else
			{
				# Use the closest DC
				$dc = (Get-ADDomainController -Discover -NextClosestSite -ErrorAction $SC -WarningAction $SC)
			}

			# Skip everything if we do NOT have the proper information.

            <#
                  Under normal circumstances this is pretty useless, but I use some virtual machines
                  that have the RSAT tools installed, but they are not domain joined. Therefore I make
                  this check. If all the systems that have the RSAT installed are domain joined, this
                  test is obsolete.
          #>
			if ($dc)
			{
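				# Make use of the Server from above.
				# Assign by key instead of calling .Add(): .Add() throws if the entry already exists,
				# e.g. when the PROFILE has set the closest DC and a script then calls this with -pdc.
				$PSDefaultParameterValues['*-AD*:Server'] = "$dc"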
			}
		}
	}
}

There is also a Gist for that.

And when I do bulk operations, I even want to do that on the server that has the PDC role. Some might find that useful as well.

# When it comes to scripts that do bulk operations, especially bulk loads and manipulation,
# I use the following within the Script:
if (Get-Command Set-ADServerUsage -ErrorAction SilentlyContinue)
{
    Set-ADServerUsage -pdc
}

Please note: The write operations during bulk operations against the server that has the PDC role might not be allowed within your company. Please ask your Domain Admins before doing it! You might see increased replication traffic if you use the PDC Server. You might also keep in mind.

There is a fine line between the benefit of using the PDC and the drawbacks that you might get. It might be better to use the closest one instead. Something you have to decide based on the operations that you want to do!
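
If a bulk script should use the PDC only while it runs, the `*-AD*:Server` default can be set for one block and restored afterwards. This is an added example, not the author's code; `Invoke-WithADServer` is a hypothetical helper name, and it assumes the function is loaded the same way as `Set-ADServerUsage` (profile or dot-sourced, not from a module).

```powershell
# Added example (not from the original post). Invoke-WithADServer is a hypothetical name.
function Invoke-WithADServer
{
    param
    (
        [Parameter(Mandatory = $true)]
        [string]$Server,

        [Parameter(Mandatory = $true)]
        [scriptblock]$ScriptBlock
    )

    $key = '*-AD*:Server'

    # Remember whether a default was already set (for example by the PROFILE) and its value
    $hadPrevious = $PSDefaultParameterValues.ContainsKey($key)
    $previous = $PSDefaultParameterValues[$key]

    try
    {
        # Assigning by key overwrites an existing entry instead of throwing
        $PSDefaultParameterValues[$key] = $Server
        & $ScriptBlock
    }
    finally
    {
        # Restore the session default even if the bulk operation failed
        if ($hadPrevious)
        {
            $PSDefaultParameterValues[$key] = $previous
        }
        else
        {
            $PSDefaultParameterValues.Remove($key)
        }
    }
}

# Usage: run one block against the PDC emulator, then fall back to the previous default
$pdcServer = (Get-ADDomain).PDCEmulator
Invoke-WithADServer -Server $pdcServer -ScriptBlock {
    # Every *-AD* cmdlet in here gets -Server $pdcServer unless -Server is passed explicitly
    # (read-only placeholder for the real bulk work)
    Get-ADUser -Filter 'Enabled -eq $true' | Select-Object -First 5
}
```

After the block finishes, `$PSDefaultParameterValues['*-AD*:Server']` shows which server later AD commands in the session will use.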