Anthony Houssa

Hello guys!

I needed to write a script to get the list of all domain controllers in the
forest I am administering.
I decided to adapt a vbscript I wrote along time ago (very classic one) and
to adapt it to Powershell: I just make a search of ntdsdsa objects in the
configuration partition and return the dNSHostName attribute of the parent
object.
The number of servers returned is 430.

However, the execution time of the powershell script is very long! I did not
expected that.
Execution Time of vbs script: 1 min 27 sec
Execution Time of ps1 script: 5 min 55 sec

Can somebody explain me
1) why it takes so long with Powershell, while it is "just a translation"?
Servers are listed one by one, taking time between each of them

2) Is there a way to retrieve the list of all Domain Controllers in the
forest faster?

Thanks in advance,
Anthony Houssa

Please find the two scripts I used:
(If you have other comment to improve the scripts, don't hesitate. I like to
learn from the pros!)

-------------------------- POWERSHELL --------------------------

[datetime]$strStart = Get-Date

$objRootDSE = [ADSI]"LDAP://rootDSE"
$strConfigurationNC = $objRootDSE.configurationNamingContext

$objConfigurationNC = New-object
System.DirectoryServices.DirectoryEntry("LDAP://$strConfigurationNC")

$strFilter = "(objectClass=nTDSDSA)"
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher

$objSearcher.SearchRoot = $objConfigurationNC
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"

$colResults = $objSearcher.FindAll()

foreach ($objResult in $colResults)
{

$objItem = $objResult.getDirectoryEntry()
$objParent = $objItem.psbase.parent
$strServer = $objParent.dNSHostName
$strServer

}

Write-host

[datetime]$strEnd = Get-Date

$strTimeDiff = new-TimeSpan $strStart $strEnd
$strMin = $strTimeDiff.Minutes
$strSec = $strTimeDiff.Seconds

"Execution time: $strMin min $strSec sec"

-------------------------- VBSCRIPT --------------------------

On Error Resume Next

strStart = Now()

Set objRootDSE = GetObject("LDAP://rootDSE")
strConfigNC = objRootDSE.Get("configurationNamingContext")

set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

strADsPath = "<LDAP://" & strConfigNC & ">;"
strFilter = "(objectClass=nTDSDSA);"
strAtts = "ADsPath;"
strScope = "subtree"

strQuery = strADsPath & strFilter & strAtts & strScope

set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection
objCommand.CommandText = strQuery
Set objRecordset = objCommand.Execute

' Iterate through the results
If objRecordset.Eof and objRecordSet.Bof Then
WScript.Echo "No Domain Controllers were found"
Else
While Not objRecordset.EOF
Set objParent =
GetObject(GetObject(objRecordset.Fields("ADsPath") ).Parent)
strADSPath = Replace(objRecordset.Fields("ADSPath"),"LDAP://","")
strDCFQDN = objParent.Get("dnsHostName")
WScript.Echo strDCFQDN
objRecordset.MoveNext
Wend
End If

strEnd = Now()
strMin = DateDiff("n", strStart, strEnd)
strSec = DateDiff("s", strStart, strEnd)
WScript.Echo "Execution Time: " & strMin & " min " & strSec & " sec"

voodooking

no answer as to why it takes the time it does but if you have Quest. ad
installed
1 liner version would be
Get-QADComputer | where { $_.ComputerRole -eq "DomainController"}


"Anthony Houssa" wrote:

> Hello guys!
>
> I needed to write a script to get the list of all domain controllers in the
> forest I am administering.
> I decided to adapt a vbscript I wrote along time ago (very classic one) and
> to adapt it to Powershell: I just make a search of ntdsdsa objects in the
> configuration partition and return the dNSHostName attribute of the parent
> object.
> The number of servers returned is 430.
>
> However, the execution time of the powershell script is very long! I did not
> expected that.
> Execution Time of vbs script: 1 min 27 sec
> Execution Time of ps1 script: 5 min 55 sec
>
> Can somebody explain me
> 1) why it takes so long with Powershell, while it is "just a translation"?
> Servers are listed one by one, taking time between each of them
>
> 2) Is there a way to retrieve the list of all Domain Controllers in the
> forest faster?
>
> Thanks in advance,
> Anthony Houssa
>
> Please find the two scripts I used:
> (If you have other comment to improve the scripts, don't hesitate. I like to
> learn from the pros!)
>
> -------------------------- POWERSHELL --------------------------
>
> [datetime]$strStart = Get-Date
>
> $objRootDSE = [ADSI]"LDAP://rootDSE"
> $strConfigurationNC = $objRootDSE.configurationNamingContext
>
> $objConfigurationNC = New-object
> System.DirectoryServices.DirectoryEntry("LDAP://$strConfigurationNC")
>
> $strFilter = "(objectClass=nTDSDSA)"
> $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
>
> $objSearcher.SearchRoot = $objConfigurationNC
> $objSearcher.PageSize = 1000
> $objSearcher.Filter = $strFilter
> $objSearcher.SearchScope = "Subtree"
>
> $colResults = $objSearcher.FindAll()
>
> foreach ($objResult in $colResults)
> {
>
> $objItem = $objResult.getDirectoryEntry()
> $objParent = $objItem.psbase.parent
> $strServer = $objParent.dNSHostName
> $strServer
>
> }
>
> Write-host
>
> [datetime]$strEnd = Get-Date
>
> $strTimeDiff = new-TimeSpan $strStart $strEnd
> $strMin = $strTimeDiff.Minutes
> $strSec = $strTimeDiff.Seconds
>
> "Execution time: $strMin min $strSec sec"
>
> -------------------------- VBSCRIPT --------------------------
>
> On Error Resume Next
>
> strStart = Now()
>
> Set objRootDSE = GetObject("LDAP://rootDSE")
> strConfigNC = objRootDSE.Get("configurationNamingContext")
>
> set objConnection = CreateObject("ADODB.Connection")
> objConnection.Provider = "ADsDSOObject"
> objConnection.Open "Active Directory Provider"
>
> strADsPath = "<LDAP://" & strConfigNC & ">;"
> strFilter = "(objectClass=nTDSDSA);"
> strAtts = "ADsPath;"
> strScope = "subtree"
>
> strQuery = strADsPath & strFilter & strAtts & strScope
>
> set objCommand = CreateObject("ADODB.Command")
> objCommand.ActiveConnection = objConnection
> objCommand.CommandText = strQuery
> Set objRecordset = objCommand.Execute
>
> ' Iterate through the results
> If objRecordset.Eof and objRecordSet.Bof Then
> WScript.Echo "No Domain Controllers were found"
> Else
> While Not objRecordset.EOF
> Set objParent =
> GetObject(GetObject(objRecordset.Fields("ADsPath") ).Parent)
> strADSPath = Replace(objRecordset.Fields("ADSPath"),"LDAP://","")
> strDCFQDN = objParent.Get("dnsHostName")
> WScript.Echo strDCFQDN
> objRecordset.MoveNext
> Wend
> End If
>
> strEnd = Now()
> strMin = DateDiff("n", strStart, strEnd)
> strSec = DateDiff("s", strStart, strEnd)
> WScript.Echo "Execution Time: " & strMin & " min " & strSec & " sec"
>

Brandon Shell [MVP]

Try this instead

$forest = [system.directoryservices.activedirectory.Forest]::GetCurrentForest()
forest.domains | %{$_.DomainControllers} | %{$_.Name}

Brandon Shell
---------------
Blog: http://www.bsonposh.com/
PSH Scripts Project: www.codeplex.com/psobject

AH> Hello guys!
AH>
AH> I needed to write a script to get the list of all domain controllers
AH> in the
AH> forest I am administering.
AH> I decided to adapt a vbscript I wrote along time ago (very classic
AH> one) and
AH> to adapt it to Powershell: I just make a search of ntdsdsa objects
AH> in the
AH> configuration partition and return the dNSHostName attribute of the
AH> parent
AH> object.
AH> The number of servers returned is 430.
AH> However, the execution time of the powershell script is very long! I
AH> did not
AH> expected that.
AH> Execution Time of vbs script: 1 min 27 sec
AH> Execution Time of ps1 script: 5 min 55 sec
AH> Can somebody explain me
AH> 1) why it takes so long with Powershell, while it is "just a
AH> translation"?
AH> Servers are listed one by one, taking time between each of them
AH> 2) Is there a way to retrieve the list of all Domain Controllers in
AH> the forest faster?
AH>
AH> Thanks in advance,
AH> Anthony Houssa
AH> Please find the two scripts I used:
AH> (If you have other comment to improve the scripts, don't hesitate. I
AH> like to
AH> learn from the pros!)
AH> -------------------------- POWERSHELL --------------------------
AH>
AH> [datetime]$strStart = Get-Date
AH>
AH> $objRootDSE = [ADSI]"LDAP://rootDSE"
AH> $strConfigurationNC = $objRootDSE.configurationNamingContext
AH> $objConfigurationNC = New-object
AH> System.DirectoryServices.DirectoryEntry("LDAP://$strConfigurationNC"
AH> )
AH>
AH> $strFilter = "(objectClass=nTDSDSA)"
AH> $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
AH> $objSearcher.SearchRoot = $objConfigurationNC
AH> $objSearcher.PageSize = 1000
AH> $objSearcher.Filter = $strFilter
AH> $objSearcher.SearchScope = "Subtree"
AH> $colResults = $objSearcher.FindAll()
AH>
AH> foreach ($objResult in $colResults)
AH> {
AH> $objItem = $objResult.getDirectoryEntry()
AH> $objParent = $objItem.psbase.parent
AH> $strServer = $objParent.dNSHostName
AH> $strServer
AH> }
AH>
AH> Write-host
AH>
AH> [datetime]$strEnd = Get-Date
AH>
AH> $strTimeDiff = new-TimeSpan $strStart $strEnd
AH> $strMin = $strTimeDiff.Minutes
AH> $strSec = $strTimeDiff.Seconds
AH> "Execution time: $strMin min $strSec sec"
AH>
AH> -------------------------- VBSCRIPT --------------------------
AH>
AH> On Error Resume Next
AH>
AH> strStart = Now()
AH>
AH> Set objRootDSE = GetObject("LDAP://rootDSE")
AH> strConfigNC = objRootDSE.Get("configurationNamingContext")
AH> set objConnection = CreateObject("ADODB.Connection")
AH> objConnection.Provider = "ADsDSOObject" objConnection.Open "Active
AH> Directory Provider"
AH>
AH> strADsPath = "<LDAP://" & strConfigNC & ">;"
AH> strFilter = "(objectClass=nTDSDSA);"
AH> strAtts = "ADsPath;"
AH> strScope = "subtree"
AH> strQuery = strADsPath & strFilter & strAtts & strScope
AH>
AH> set objCommand = CreateObject("ADODB.Command")
AH> objCommand.ActiveConnection = objConnection
AH> objCommand.CommandText = strQuery
AH> Set objRecordset = objCommand.Execute
AH> ' Iterate through the results
AH> If objRecordset.Eof and objRecordSet.Bof Then
AH> WScript.Echo "No Domain Controllers were found"
AH> Else
AH> While Not objRecordset.EOF
AH> Set objParent =
AH> GetObject(GetObject(objRecordset.Fields("ADsPath") ).Parent)
AH> strADSPath =
AH> Replace(objRecordset.Fields("ADSPath"),"LDAP://","")
AH> strDCFQDN = objParent.Get("dnsHostName")
AH> WScript.Echo strDCFQDN
AH> objRecordset.MoveNext
AH> Wend
AH> End If
AH> strEnd = Now()
AH> strMin = DateDiff("n", strStart, strEnd)
AH> strSec = DateDiff("s", strStart, strEnd)
AH> WScript.Echo "Execution Time: " & strMin & " min " & strSec & " sec"

Anthony Houssa

this command returns DCs in the current domain only

"voodooking" <voodooking@discussions.microsoft.com> wrote in message
news:260A00FA-53E5-4786-BCDC-653856910367@microsoft.com...
> no answer as to why it takes the time it does but if you have Quest. ad
> installed
> 1 liner version would be
> Get-QADComputer | where { $_.ComputerRole -eq "DomainController"}
>
>
> "Anthony Houssa" wrote:
>
>> Hello guys!
>>
>> I needed to write a script to get the list of all domain controllers in
>> the
>> forest I am administering.
>> I decided to adapt a vbscript I wrote along time ago (very classic one)
>> and
>> to adapt it to Powershell: I just make a search of ntdsdsa objects in the
>> configuration partition and return the dNSHostName attribute of the
>> parent
>> object.
>> The number of servers returned is 430.
>>
>> However, the execution time of the powershell script is very long! I did
>> not
>> expected that.
>> Execution Time of vbs script: 1 min 27 sec
>> Execution Time of ps1 script: 5 min 55 sec
>>
>> Can somebody explain me
>> 1) why it takes so long with Powershell, while it is "just a
>> translation"?
>> Servers are listed one by one, taking time between each of them
>>
>> 2) Is there a way to retrieve the list of all Domain Controllers in the
>> forest faster?
>>
>> Thanks in advance,
>> Anthony Houssa
>>
>> Please find the two scripts I used:
>> (If you have other comment to improve the scripts, don't hesitate. I like
>> to
>> learn from the pros!)
>>
>> -------------------------- POWERSHELL --------------------------
>>
>> [datetime]$strStart = Get-Date
>>
>> $objRootDSE = [ADSI]"LDAP://rootDSE"
>> $strConfigurationNC = $objRootDSE.configurationNamingContext
>>
>> $objConfigurationNC = New-object
>> System.DirectoryServices.DirectoryEntry("LDAP://$strConfigurationNC")
>>
>> $strFilter = "(objectClass=nTDSDSA)"
>> $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
>>
>> $objSearcher.SearchRoot = $objConfigurationNC
>> $objSearcher.PageSize = 1000
>> $objSearcher.Filter = $strFilter
>> $objSearcher.SearchScope = "Subtree"
>>
>> $colResults = $objSearcher.FindAll()
>>
>> foreach ($objResult in $colResults)
>> {
>>
>> $objItem = $objResult.getDirectoryEntry()
>> $objParent = $objItem.psbase.parent
>> $strServer = $objParent.dNSHostName
>> $strServer
>>
>> }
>>
>> Write-host
>>
>> [datetime]$strEnd = Get-Date
>>
>> $strTimeDiff = new-TimeSpan $strStart $strEnd
>> $strMin = $strTimeDiff.Minutes
>> $strSec = $strTimeDiff.Seconds
>>
>> "Execution time: $strMin min $strSec sec"
>>
>> -------------------------- VBSCRIPT --------------------------
>>
>> On Error Resume Next
>>
>> strStart = Now()
>>
>> Set objRootDSE = GetObject("LDAP://rootDSE")
>> strConfigNC = objRootDSE.Get("configurationNamingContext")
>>
>> set objConnection = CreateObject("ADODB.Connection")
>> objConnection.Provider = "ADsDSOObject"
>> objConnection.Open "Active Directory Provider"
>>
>> strADsPath = "<LDAP://" & strConfigNC & ">;"
>> strFilter = "(objectClass=nTDSDSA);"
>> strAtts = "ADsPath;"
>> strScope = "subtree"
>>
>> strQuery = strADsPath & strFilter & strAtts & strScope
>>
>> set objCommand = CreateObject("ADODB.Command")
>> objCommand.ActiveConnection = objConnection
>> objCommand.CommandText = strQuery
>> Set objRecordset = objCommand.Execute
>>
>> ' Iterate through the results
>> If objRecordset.Eof and objRecordSet.Bof Then
>> WScript.Echo "No Domain Controllers were found"
>> Else
>> While Not objRecordset.EOF
>> Set objParent =
>> GetObject(GetObject(objRecordset.Fields("ADsPath") ).Parent)
>> strADSPath = Replace(objRecordset.Fields("ADSPath"),"LDAP://","")
>> strDCFQDN = objParent.Get("dnsHostName")
>> WScript.Echo strDCFQDN
>> objRecordset.MoveNext
>> Wend
>> End If
>>
>> strEnd = Now()
>> strMin = DateDiff("n", strStart, strEnd)
>> strSec = DateDiff("s", strStart, strEnd)
>> WScript.Echo "Execution Time: " & strMin & " min " & strSec & " sec"
>>

Anthony Houssa

Thanks Brandon! That's really clever.
Powershell will need me to learn a bit more of .NET Framework ;-)
Execution time is 37 sec!

But I am still curious: how can we explain the different of time between the
same script written with Powershell and vbscript?

"Brandon Shell [MVP]" <a_bshell.mask@hotmail.com> wrote in message
news:29d4f6465dde8caa03506677ba0@nn.bloomberg.com. ..
> Try this instead
>
> $forest =
> [system.directoryservices.activedirectory.Forest]::GetCurrentForest()
> forest.domains | %{$_.DomainControllers} | %{$_.Name}
>
> Brandon Shell
> ---------------
> Blog: http://www.bsonposh.com/
> PSH Scripts Project: www.codeplex.com/psobject
>
> AH> Hello guys!
> AH> AH> I needed to write a script to get the list of all domain
> controllers
> AH> in the
> AH> forest I am administering.
> AH> I decided to adapt a vbscript I wrote along time ago (very classic
> AH> one) and
> AH> to adapt it to Powershell: I just make a search of ntdsdsa objects
> AH> in the
> AH> configuration partition and return the dNSHostName attribute of the
> AH> parent
> AH> object.
> AH> The number of servers returned is 430.
> AH> However, the execution time of the powershell script is very long! I
> AH> did not
> AH> expected that.
> AH> Execution Time of vbs script: 1 min 27 sec
> AH> Execution Time of ps1 script: 5 min 55 sec
> AH> Can somebody explain me
> AH> 1) why it takes so long with Powershell, while it is "just a
> AH> translation"?
> AH> Servers are listed one by one, taking time between each of them
> AH> 2) Is there a way to retrieve the list of all Domain Controllers in
> AH> the forest faster?
> AH> AH> Thanks in advance,
> AH> Anthony Houssa
> AH> Please find the two scripts I used:
> AH> (If you have other comment to improve the scripts, don't hesitate. I
> AH> like to
> AH> learn from the pros!)
> AH> -------------------------- POWERSHELL --------------------------
> AH> AH> [datetime]$strStart = Get-Date
> AH> AH> $objRootDSE = [ADSI]"LDAP://rootDSE"
> AH> $strConfigurationNC = $objRootDSE.configurationNamingContext
> AH> $objConfigurationNC = New-object
> AH> System.DirectoryServices.DirectoryEntry("LDAP://$strConfigurationNC"
> AH> )
> AH> AH> $strFilter = "(objectClass=nTDSDSA)"
> AH> $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
> AH> $objSearcher.SearchRoot = $objConfigurationNC
> AH> $objSearcher.PageSize = 1000
> AH> $objSearcher.Filter = $strFilter
> AH> $objSearcher.SearchScope = "Subtree"
> AH> $colResults = $objSearcher.FindAll()
> AH> AH> foreach ($objResult in $colResults)
> AH> {
> AH> $objItem = $objResult.getDirectoryEntry()
> AH> $objParent = $objItem.psbase.parent
> AH> $strServer = $objParent.dNSHostName
> AH> $strServer
> AH> }
> AH> AH> Write-host
> AH> AH> [datetime]$strEnd = Get-Date
> AH> AH> $strTimeDiff = new-TimeSpan $strStart $strEnd
> AH> $strMin = $strTimeDiff.Minutes
> AH> $strSec = $strTimeDiff.Seconds
> AH> "Execution time: $strMin min $strSec sec"
> AH> AH> -------------------------- VBSCRIPT --------------------------
> AH> AH> On Error Resume Next
> AH> AH> strStart = Now()
> AH> AH> Set objRootDSE = GetObject("LDAP://rootDSE")
> AH> strConfigNC = objRootDSE.Get("configurationNamingContext")
> AH> set objConnection = CreateObject("ADODB.Connection")
> AH> objConnection.Provider = "ADsDSOObject" objConnection.Open "Active
> AH> Directory Provider"
> AH> AH> strADsPath = "<LDAP://" & strConfigNC & ">;"
> AH> strFilter = "(objectClass=nTDSDSA);"
> AH> strAtts = "ADsPath;"
> AH> strScope = "subtree"
> AH> strQuery = strADsPath & strFilter & strAtts & strScope
> AH> AH> set objCommand = CreateObject("ADODB.Command")
> AH> objCommand.ActiveConnection = objConnection
> AH> objCommand.CommandText = strQuery
> AH> Set objRecordset = objCommand.Execute
> AH> ' Iterate through the results
> AH> If objRecordset.Eof and objRecordSet.Bof Then
> AH> WScript.Echo "No Domain Controllers were found"
> AH> Else
> AH> While Not objRecordset.EOF
> AH> Set objParent =
> AH> GetObject(GetObject(objRecordset.Fields("ADsPath") ).Parent)
> AH> strADSPath =
> AH> Replace(objRecordset.Fields("ADSPath"),"LDAP://","")
> AH> strDCFQDN = objParent.Get("dnsHostName")
> AH> WScript.Echo strDCFQDN
> AH> objRecordset.MoveNext
> AH> Wend
> AH> End If
> AH> strEnd = Now()
> AH> strMin = DateDiff("n", strStart, strEnd)
> AH> strSec = DateDiff("s", strStart, strEnd)
> AH> WScript.Echo "Execution Time: " & strMin & " min " & strSec & " sec"
>
>

Brandon Shell [MVP]

It is important to understand that Powershell is NOT vbscript. It is natural
process to translate the vbscripts to Powershell (it is how I started) but
there comes a time when you need to start thinking Powershell and not vbscript


Once you make that transition you will find a whole new world of awesomeness


Brandon Shell
---------------
Blog: http://www.bsonposh.com/
PSH Scripts Project: www.codeplex.com/psobject

AH> Execution time is 37 sec!
AH>

Anthony Houssa

OK Morpheus, I got it... (think objects, ...)

Thanks again!

"Brandon Shell [MVP]" <a_bshell.mask@hotmail.com> wrote in message
news:29d4f6465de88caa03ddbea995d@nn.bloomberg.com. ..
> It is important to understand that Powershell is NOT vbscript. It is
> natural process to translate the vbscripts to Powershell (it is how I
> started) but there comes a time when you need to start thinking Powershell
> and not vbscript
>
> Once you make that transition you will find a whole new world of
> awesomeness
>
> Brandon Shell
> ---------------
> Blog: http://www.bsonposh.com/
> PSH Scripts Project: www.codeplex.com/psobject
>
> AH> Execution time is 37 sec!
> AH>
>