Querying AD from Powershell

Question

I'm new to Powershell and AD. I have troubles using AD module for PS. I get the following error using any command:

Get-ADDomain : Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services 
running.
At line:2 char:1
+ Get-ADDomain -Current LocalComputer
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ResourceUnavailable: (lon.intensive.int:ADDomain) [Get-ADDomain], ADServerDownException
    + FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.GetADDomain

What is interesting I'm able to use ADExplorer and see domain, users and all their attributes. How does ADExplorer differ from scripts in Powershell?

Answer 1

What operating system are your domain controllers? The AD cmdlets have to connect to a domain controller that's running Active Directory Web Services. This is automatic on Windows 2008 R2 and newer domain controllers, but on Windows 2008 and Windows 2003 you need to install it separately. Ideally, you've gotten rid of all of your Windows 2003 DCs because it's out of support. 2008 is getting pretty old too. But if you can't, then you should install ADWS on all of the downlevel DCs so that you can use the AD cmdlets.

You can use Get-ADDomainController-Discover -Service ADWS to find a DC running it. You could use the result of that call in the -Server parameter of the rest of the AD cmdlets (or use $PSDefaultParameterValues to set it once in the script). But if that doesn't return any DCs, then you need to install ADWS.