So I was trying to see what computers existed in a domain. Getting a list seems easy with Get-ADComputer -Filter *
. But this list contains all cluster object too. I needed the list to do a check of what DNS server were in use. The cluster object don’t have DNS and should not be on my list.
So how can we differentiate between computers and cluster object. The secret sause lies in the attribute ServicePrincipalName
or SPN
for short. If it contains any of MSServerCluster
, MSServerClusterMgmtAPI
or MSClusterVirtualServer
it’s a cluster object.
So how can we search for it the easiest? Just search for them:
Get-ADComputer -LDAPFilter 'serviceprincipalname=*MSClusterVirtualServer*'
What if we want a list of all computers object and if they are cluster objects or not, Since clients can’t be clusters I am only looking at the servers.:
Get-ADComputer -Properties operatingsystem,serviceprincipalname,lastlogondate -LDAPFilter '(operatingsystem=*Server*)' |Select-Object Name, Operatingsystem, Enabled, lastlogondate, `
@{l='ClusterObject';e={if (($_.serviceprincipalname -join '') -like '*MSClusterVirtualServer*'){$true}else{$false}}}