🎉 Our Microsoft 365 Reporting & Management Tool is now available in Azure Marketplace 🚀
This website uses cookies to improve your experience. We'll assume you're ok with this. Know more.
Active Directory

How to List Servers in an Active Directory Domain

An up-to-date list of Active Directory servers in the domain is essential for effective IT management. It allows administrators to keep track of the infrastructure, ensure backup resources, improve security, and enhance overall directory performance. This guide will walk you through the steps to find all servers in an Active Directory domain and lay a strong foundation for further server management tasks.

Solution 1
Solution 2
Solution 3
Solution 4
Important Tips
Errors and Resolution Steps
FAQs

Find All Servers in Active Directory Using the ADUC Console

Active Directory Permission Required
Account Operators Least Privilege
Administrators Most Privilege
  • Open the Active Directory Users and Computers console, then right-click Saved Queries in the left pane and select New»Query.
  • Enter the name and an optional description. Ensure that the Include subcontainers check box is checked and click Define Query.
  • Select Custom Search from the Find drop-down menu. Then, switch to the Advanced tab and enter the following LDAP query. 
    (&(objectCategory=computer)(operatingSystem=*Server*))
  • Click OK to save the query, then click OK again to close the configuration window. The list of all servers in your Active Directory domain will be listed in the right pane.
Find All Servers in Active Directory Using the ADUC Console

Get All Servers in Active Directory Domain Using ADAC

Active Directory Permission Required
Account Operators Least Privilege
Administrators Most Privilege
  • Open the Active Directory Administrative Center (ADAC) and navigate to the Global Search tab.
  • Choose the Convert to LDAP radio button, enter the following LDAP query, and hit the Apply button to find all servers in Active Directory.
    (&(objectCategory=computer)(operatingSystem=*Server*))
Get All Servers in Active Directory Domain Using ADAC

Export All Servers From Active Directory Using PowerShell

Active Directory Permission Required
Domain User Least Privilege
Administrators Most Privilege
  • To get all servers in Active Directory with PowerShell, the 'Get-ADComputer' cmdlet can be used, but it lists all computers with basic details rather than servers alone.
  • Further processing and filtering are needed to list all Active Directory servers using PowerShell and extract the necessary details.
  • To make this process more efficient, we have prepared the script below to find and export a list of all Active Directory servers along with their details into a CSV file.
  • Windows PowerShell Windows PowerShell 
     Get-ADComputer -Filter "OperatingSystem -like '*Server*'" -Property Name, OperatingSystem, DNSHostName | ForEach-Object {
 $server = $_.DNSHostName
 $role = (Get-WmiObject -Class Win32_ComputerSystem -ComputerName $server).DomainRole
 $features = Invoke-Command -ComputerName $server -ScriptBlock {
  Get-WindowsFeature | Where-Object Installed -eq $true | Select-Object DisplayName 
 } -ErrorAction SilentlyContinue
 [PSCustomObject]@{
  Name = $_.Name
  OperatingSystem = $_.OperatingSystem
  DNSHostName = $_.DNSHostName
  ServerType = Switch ($role) {
   1 {"Member Workstation"}
   3 {"Member Server"}
   4 {"Backup Domain Controller"}
   5 {"Primary Domain Controller"}
   Default {"Unknown"}
  }
  Roles = if ($features) { $features.DisplayName -join ", " }
  else { "Unable to retrieve roles" }
 }
} | Export-CSV -Path "<CSVFilePath>" -NoTypeInformation
Export All Servers From Active Directory Using PowerShell
  • This exported CSV file will provide details such as the server's name, operating system, DNS hostname, server type, and the server roles in Active Directory.
AdminDroid Active Directory Reporter

Uncover Active Directory Server Insights for Better Infrastructure Planning!

AdminDroid’s Active Directory reporting tool makes it easier than ever for administrators to efficiently manage DCs and member servers within Active Directory. Below are some of the key features of AdminDroid for providing essential solutions for simplifying server monitoring in AD.

Find the Operating Systems of the Servers Effortlessly

Use the operating systems detail report and filter it based on the server OS versions to ensure compatibility across Active Directory servers.

View All Domain Controllers in a Glance

Make use of the all domain controllers report to get all DCs in your AD along with their detailed properties to streamline effective authentication and authorization.

Track Domain Controller and Server Shutdown Events

Regularly monitor shutdown events on servers to detect unauthorized shutdowns, which may result in unintended downtime, operational disruptions, and other security issues.

Find Member Servers in Active Directory

List all member servers in your domain and monitor their roles/functions to track resource utilization and optimize server assignments for improved workload distribution.

Monitor Active Directory server login activity

Monitor Active Directory server login activity with AdminDroid to track all successful and failed login attempts, detect unusual access behavior, and enhance your AD security posture.

Instances of Audit Log Cleared in Servers

Review the audit log cleared events on servers to identify instances of cleared logs and their initiators responsible for hindering forensic investigations.

In conclusion, AdminDroid’s Active Directory management tool offers an all-encompassing solution for streamlining and simplifying all your AD management tasks. It makes the management of servers more efficient and hassle-free with advanced features like interactive visual graphs, versatile export options, precise filtering, and extensive customization.

Explore a full range of reporting options
Download Live Demo

Important Tips

Always have two domain controllers in an AD Domain to ensure uninterrupted authentication and authorization if one fails.

Choose Server Core installation in Windows Server for Active Directory to reduce disk space usage and minimize the attack surface by eliminating unnecessary components.

Follow a proper naming structure for servers and organize them into OUs to simplify GPO assignments and Active Directory management.

Common Errors and Resolution Steps

Here are the possible errors and troubleshooting hints while dealing with the Active Directory server management.

Error The search filter cannot be recognized

This error occurs when an incorrect LDAP query is provided in the Active Directory Administrative Center to list all the servers.

Fix Use the following LDAP query to list all servers in Active Directory. 
&(objectCategory=computer)(operatingSystem=*Server*)

Error Export-Csv : Missing an argument for parameter 'Path'. Specify a parameter of type 'System.String' and try again.

This error occurs when you skip providing a value for the -Path parameter in the 'Export-Csv' cmdlet while exporting server details in Active Directory.

Fix Ensure that <CSVFilePath> is properly specified as a valid file path string where the output will be exported.

Error No features show up in the optional features tab!

This occurs when you attempt to manage optional features in Windows using low-level user credentials.

Fix Try accessing the optional features in Windows with administrative privileges.

Error Optional features missing in Windows 10.

You may be unable to find the optional features section in Windows if you're navigating the wrong path.

Fix If your Windows 10 version is between 1809 and 22H2, go to the Apps section in the Settings app instead of the System section. For versions above 22H2, go to the System section in the Settings app to access Optional Features.
Active Directory
Frequently Asked Questions

Gain a Complete Understanding of Active Directory Servers and Their Functions

What are servers in Active Directory, and what roles do they perform?
What are the key differences between domain controller and member server in Active Directory?
How to manage Active Directory from a client machine?
How to promote a server to a domain controller (DC)?

1. What are servers in Active Directory, and what roles do they perform?

Active Directory servers are systems running server-grade operating systems designed to manage centralized authentication and authorization for users to access resources within a network. With robust hardware, these servers are critical for ensuring scalability, reliability, and security in Active Directory environments. Key roles performed by Active Directory servers include:

  • Domain Controller (DC) A domain controller hosts the Active Directory database and is responsible for storing and managing objects such as users, groups, and devices of a domain. Active Directory uses a multi-master replication model, where all DCs within a domain are peers and replicate changes to ensure consistency across the domain. However, certain tasks, such as updating the directory schema or assigning RID pools, require a single authoritative server to avoid conflicts. These are handled by FSMO roles in AD, assigned to specific DCs to ensure efficient and conflict-free directory operations.
  • Global Catalog (GC) The global catalog (GC) is a specialized domain controller role automatically assigned to the first DC in a forest and can be configured on others as needed. It holds a full, writable replica of all objects in its own domain and partial, read-only replicas of objects from other domains. These replicas help locate commonly used attributes of objects across the forest for efficient searches. The global catalog is updated automatically through AD DS replication and is crucial for authentication in multi-domain environments.
  • Read-Only Domain Controller (RODC) A read-only domain controller is a special type of domain controller in Active Directory that holds a read-only copy of the database. Designed for branch offices or locations with higher security risks, it enables local authentication for logons and supports tasks like file and printer sharing when connectivity to central sites is unavailable. Sensitive attributes (e.g., passwords) can be excluded from replication using the RODC filtered attribute set to protect critical data from exposure.
  • Member Servers A member server is a computer with server OS joined to the Active Directory domain but does not hold the role of a domain controller (DC). Member servers are typically used to perform specialized tasks such as hosting applications, file storage, or databases.

2. What are the key differences between domain controller and member server in Active Directory?

Domain controllers and member servers play distinct roles in an Active Directory environment. Understanding these differences is crucial for effective network administration.

difference-dc-member-server

3. How to manage Active Directory from a client machine?

A Windows Server with the Active Directory Domain Services (AD DS) role installed and promoted as a domain controller is typically required to administer Active Directory. However, there are scenarios where direct access to the server (DC) may not be feasible, such as when managing Active Directory remotely or when a DC is handling other critical tasks. In such cases, it is possible to manage Active Directory from a client computer (server or workstation) joined to the domain.

What is needed to manage Active Directory from a client machine?

To manage Active Directory from a client machine, you need administrative tools such as Active Directory Users and Computers (ADUC), Active Directory Administrative Center (ADAC), Active Directory PowerShell module, and more. These tools can be installed on client machines by enabling RSAT (Remote Server Administration Tools).

How to install RSAT on Windows 10/11 to manage Active Directory?

The process to install RSAT on Windows 10 and Windows 11 is almost identical. To enable RSAT and manage Active Directory from a client machine, ensure you are logged in with administrative privileges and follow these steps.

  • Navigate to Start»Settings»System»Optional features»Add a feature.
  • Scroll down to select RSAT: Active Directory Domain Services and Lightweight Directory Tools.
  • Click Install and wait until the feature is added.
install-rsat-on-windows
Points to remember:
  • If your Windows 10 version is between 1809 and 22H2, go to the Apps section instead of the System section in the Settings app.
  • RSAT can only be installed on Windows Professional or Enterprise editions, not on Home or Standard editions.
  • If you are running a Windows 10 version older than 1809, you must download the RSAT tools package and install it.
  • To install RSAT on a member server, open the Add Roles and Features Wizard from the Server Manager, go to the Features page, expand Remote Server Administration Tools, and select the tools you want.

Manage Active Directory form a client machine using RSAT

Once RSAT (Remote Server Administration Tools) is installed, you can manage Active Directory from a Windows client machine, such as Windows 10 or 11. Follow these steps to access Active Directory tools.

  • Navigate to Start menu»Windows Administrative Tools.
  • Here, you can find the Server Manager, ADDC, ADUC, Active Directory PowerShell module, and more.
  • Use these tools to administer Active Directory from your client machine.
active-directory-administrative-tools

Experience unparalleled flexibility with AdminDroid—manage your Active Directory from any device, whether it's a server or workstation!

4. How to promote a server to a domain controller (DC)?

While RSAT tools allow you to manage Active Directory from a member server or workstation, you might wonder why promoting a server to a domain controller is necessary. This is because a regular server with RSAT installed cannot perform authentication and authorization functions. Additionally, depending on your organization's size and IT complexity, it's recommended to have more than one domain controller for redundancy and availability. Follow these steps to promote a server as the domain controller.

Note: Ensure proper network configuration, such as static IP and DNS assignment, before promoting the Windows server.

Install the Active Directory Domain Services (AD DS) role

Adhere to the following steps to install the Active Directory Domain Services role on your Windows server. After the installation, do not restart the server and proceed to the promotion stage.

  • Open the Server Manager and click on the Add Roles and Features option from the Dashboard.
  • On the Before you begin page, click Next.
  • Select Role-based or feature-based installation and click Next.
  • Choose the server from the server pool and click Next.
  • Select Active Directory Domain Services and click Add Features when prompted.
  • Continue through the wizard and finally click Install. Then, wait for some time to complete the installation.

Promote the Server to a Domain Controller

Once the AD DS role is installed, click on the notification flag that appears in Server Manager and select Promote this server to a domain controller. This will launch the Active Directory Domain Services Configuration wizard.

  • In the Deployment Configuration page, configure the following based on your needs and click Next.
    • For a new forest: Choose Add a new forest and specify the root domain name (e.g., contoso.local).
    • For a new domain in the existing forest: Choose Add a domain controller to an existing domain, provide the parent domain credentials, and specify the tree or child domain details.
    • For a new DC in an existing domain: Choose Add a domain controller to an existing domain, provide the domain details and credentials.
  • On the Domain Controller Options page, specify the DC capabilities, such as the DNS server or Global Catalog (GC). Then, set the DSRM password and select Next.
  • Continue through the wizard by clicking Next on each screen, then click Install.

The server will restart automatically after the replication process to finalize the AD DS installation. Once the promotion is completed, you will be redirected to the login screen.

promote-server-as-dc
deployment-configuration-server-to-dc

While the steps above show how to install AD DS on a Windows Server, you may wonder, “Can Active Directory be installed on a non-Windows server?” The answer is no! AD is a Microsoft technology designed to run on Windows Server OS.

Kickstart Your Journey With
AdminDroid

Your Microsoft 365 Companion with Enormous Reporting Capabilities

Download Now
Browse All Guides
User Help Manuals Compliance Docs
All Guides 99+
Active Directory
How to List Servers in an Active Directory Domain
Active Directory Guides
x
Delivering Reports on Time
Delivering Reports on Time
Want a desired Microsoft 365 reports every Monday morning? Ensure automated report distribution and timely delivery with AdminDroid's Scheduling to your email anytime you need.
Delivering Reports on Time
Schedule tailored reports to execute automatically at the time you set and deliver straight to the emails you choose. In addition, you can customize report columns and add inteligent filtering to the activities just from the previous day to suit your Microsoft 365 report requirements.
Set It, Schedule It, See Results- Your Reports, Your Way, On Your Time!
Time Saving
Automation
Customization
Intelligent Filtering
Give Just the Right Access to the Right People
Give Just the Right Access to the Right People
Grant fine-tuned access to any Microsoft 365 user with AdminDroid’s Granular Delegation and meet your organization’s security and compliance requirements.
Give Just the Right Access to the Right People
Create custom roles loaded with just the right permissions and give access to admins or normal users within AdminDroid. The result? A streamlined Microsoft 365 management experience that aligns your organization's security protocols and saves your invaluable time and effort.
Align, Define, Simplify: AdminDroid's Granular Delegation
Smart Organizational Control
Effortless M365 Management
Simplified Access
Advanced Alerts at a Glance
Advanced Alerts at a Glance
Receive quick notifications for malicious Microsoft 365 activities. Engage with the AdminDroid’s real-time alert policies crafted to streamline your security investigations.
Advanced Alerts at a Glance
Stay informed of critical activities like suspicious emails and high-risk logins, bulk file sharing, etc. Through creating and validating ideal alert policies, AdminDroid provides a comprehensive approach to real-time monitoring and management of potential threats within your organization.
AdminDroid Keeps You Always Vigilant, Never Vulnerable!
Proactive Protection
Real-time Monitoring
Security Intelligence
Threat Detection
Merge the Required Data to One Place
Merge the Required Data to One Place
Combine multiple required columns into one comprehensive report and prioritize the information that matters most to you with AdminDroid’s Advanced Column Customization.
Merge the Required Data to One Place
This column merging capability offers a flexible way to add different columns from various reports and collate all the essential data in one place. Want to revisit the customized report? Save it as a 'View’, and your unique report is ready whenever you need it.
Merge with Ease and Save as Views!
Custom Reporting
Unique View
Desired Columns
Easy Data Interpretation
Insightful Charts and Exclusive Dashboards
Insightful Charts and Exclusive Dashboards
Get a quick and easy overview of your tenant's activity, identify potential problems, and take action to protect your data with AdminDroid’s Charts and Dashboards.
Insightful Charts and Exclusive Dashboards
With AdminDroid charts and dashboards, visualize your Microsoft 365 tenant in ways you've never thought possible. It's not just about viewing; it's about understanding, controlling, and transforming your Microsoft 365 environment.
Explore Your Microsoft 365 Tenant in a Whole New Way!
Executive overviews
Interactive insights
Decision-making
Data Visualization
Efficient Report Exporting for Microsoft 365
Efficient Report Exporting for Microsoft 365
Downloading your reports in the right file format shouldn’t be a hassle with AdminDroid’s Report Export. Experience seamless report exporting in various formats that cater to your needs.
Efficient Report Exporting for Microsoft 365
Navigate through diverse options and export Microsoft 365 reports flawlessly in your desired file format. Tailor your reports precisely as you need them and save them directly to your computer.
Take Control, Customize and Deliver- Your Office 365 Data, Exported in Your Way!
Easy Export
Seamless Downloading
Data Control
Manage Microsoft 365

Get AdminDroid Office 365 Reporter Now!

Free Download Live Demo