Preliminary Active Directory Analysis – Assessment
Guide for Initial Assessment

Introduction
Before performing any migration, security hardening, troubleshooting, or architectural changes, it is essential to conduct a preliminary analysis of the Active Directory (AD) environment.
This initial assessment provides visibility into the domain structure, domain controllers, users, computers, Group Policy Objects (GPOs), DNS configuration, and replication health.
The following guide outlines a set of PowerShell commands that can be used to gather key information about an Active Directory infrastructure.
All commands must be executed from PowerShell with administrative privileges and require the ActiveDirectory and GroupPolicy modules to be available on the system.
1. Domain Verification and Basic Information
Domain name and functional level
Get-ADDomain | Select-Object Name, DistinguishedName, DomainMode
Active Domain Controllers (DCs)
Get-ADDomainController -Filter * | Select-Object Name, IPv4Address, Site, IsGlobalCatalog
2. Users and Groups
List all users in the domain
Get-ADUser -Filter * -Properties LastLogonDate | Select-Object SamAccountName, Name, Enabled, LastLogonDate
This command helps identify:
- Disabled or inactive accounts
- Accounts that have not logged in recently
- General user population size
3. Computers
List all computers in the domain
Get-ADComputer -Filter * -Properties OperatingSystem, LastLogonDate | Select-Object Name, OperatingSystem, LastLogonDate
Useful for:
- Identifying obsolete machines
- Verifying operating system versions
- Detecting inactive computer accounts
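The user and computer listings above only return raw data. As an added example (not part of the original guide), the following function sorts accounts into Disabled, NeverLoggedOn, Stale, and Active. The function name Get-AccountLogonState, the 90-day threshold, and the sample accounts are assumptions made for illustration.

```powershell
# Added example, not from the original guide. Function name, threshold and
# sample accounts are assumptions made for illustration.
#
# LastLogonDate is derived from lastLogonTimestamp, which is only refreshed when
# the stored value is 9-14 days old (default), so use thresholds well above that.
function Get-AccountLogonState {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Account,
        [int] $StaleAfterDays = 90,      # assumed review threshold; set per policy
        [datetime] $Now = (Get-Date)
    )
    process {
        $last = $Account.LastLogonDate
        if (-not $Account.Enabled) {
            $state = 'Disabled'
        } elseif ($null -eq $last) {
            $state = 'NeverLoggedOn'     # no logon recorded for this account
        } elseif ($last -lt $Now.AddDays(-$StaleAfterDays)) {
            $state = 'Stale'
        } else {
            $state = 'Active'
        }
        $days = if ($null -ne $last) { [int][math]::Floor(($Now - $last).TotalDays) } else { $null }
        [pscustomobject]@{
            Name           = $Account.Name
            Enabled        = $Account.Enabled
            LastLogonDate  = $last
            DaysSinceLogon = $days
            State          = $state
        }
    }
}

# Constructed sample accounts so the function can be tried without a domain.
$now = Get-Date '2024-06-01'
$sample = @(
    [pscustomobject]@{ Name = 'alice';   Enabled = $true;  LastLogonDate = [datetime]'2024-05-20' }
    [pscustomobject]@{ Name = 'svc-old'; Enabled = $true;  LastLogonDate = [datetime]'2023-01-10' }
    [pscustomobject]@{ Name = 'newhire'; Enabled = $true;  LastLogonDate = $null }
    [pscustomobject]@{ Name = 'bob';     Enabled = $false; LastLogonDate = [datetime]'2022-11-02' }
)
$sample | Get-AccountLogonState -Now $now | Format-Table -AutoSize

# Against a live domain (requires the ActiveDirectory module):
# Get-ADUser -Filter * -Properties LastLogonDate | Get-AccountLogonState |
#     Where-Object State -ne 'Active' | Export-Csv .\user-review.csv -NoTypeInformation
# Get-ADComputer -Filter * -Properties LastLogonDate | Get-AccountLogonState
```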
4. Group Policy Objects (GPO)
List all GPOs
Get-GPO -All | Select-Object DisplayName, GpoStatus, CreationTime
This provides insight into:
- Active vs disabled GPOs
- Policy sprawl
- Age and lifecycle of existing policies
5. DNS Infrastructure Information
Verify DNS records
Run the following command for each domain zone (e.g., domain.com). It requires the DnsServer module in addition to the modules listed in the introduction:
Get-DnsServerResourceRecord -ZoneName "domain.com" -ComputerName "DCName"
DNS is critical for AD health. This step helps validate:
- Correct record registration
- Presence of stale or missing records
- Proper DC name resolution
6. Domain Organization Information
Forest and domain structure
Get-ADForest | Select-Object ForestMode, Domains, GlobalCatalogs
This command provides:
- Forest functional level
- List of domains in the forest
- Global Catalog placement
7. Sites and Services Configuration
List AD sites
Get-ADReplicationSite -Filter * | Select-Object Name
Domain Controllers per site
Get-ADDomainController -Filter * | Select-Object Name, Site
These commands help verify:
- Proper site configuration
- Correct DC placement
- Alignment with network topology
8. Replication Configuration
Replication partners between DCs
Get-ADReplicationPartnerMetadata -Target * | Select-Object Server, Partner, Site, LastReplicationSuccess
Replication status summary
repadmin /replsummary
These checks are essential to detect:
- Replication failures
- Latency issues
- Site-to-site replication problems
9. Complete Replication Configuration Report
Detailed replication report
repadmin /showrepl > C:\Temp\ReplicaReport.txt
This command generates a comprehensive replication report, useful for:
- Audits
- Troubleshooting
- Documentation and change management
Conclusion
A preliminary Active Directory analysis is a foundational step for maintaining a healthy, secure, and scalable directory service.
By systematically collecting domain, user, computer, policy, DNS, site, and replication data, administrators gain the insights required to make informed decisions and proactively address potential issues.
This guide can serve as a baseline checklist for audits, migrations, or ongoing operational reviews.