Is there a way in AD or any other way to get all ADFS servers in the company?
Hi,
Is there a way in AD or any other way to get all ADFS servers in the company?
Thanks
Is there a way in AD or any other way to get all ADFS servers in the company?
Thanks
from your adfs server run this Powershell command
Get-AdfsFarmInformation
It will list all servers that are part of your ADFS farm.
Get-AdfsFarmInformation
It will list all servers that are part of your ADFS farm.
ASKER
Do I need to install something first? Because I got:
Get-AdfsFarmInformation : The term 'Get-AdfsFarmInformation' is not recognized
Get-AdfsFarmInformation : The term 'Get-AdfsFarmInformation' is not recognized
Sorry. This is a 2016 ADFS command.
If you are running ADFS on a server 2016 you should be able to run this from there.
Try this to confirm if the ADFS module is loaded.
If you are running ADFS on a server 2016 you should be able to run this from there.
Try this to confirm if the ADFS module is loaded.
Get-Command *ADFS*ASKER
yes but get commands are limited to:
Cmdlet Get-ADFSAttributeStore
Cmdlet Get-ADFSCertificate
Cmdlet Get-ADFSClaimDescription
Cmdlet Get-ADFSClaimsProviderTrus
Cmdlet Get-ADFSConfiguration
Cmdlet Get-ADFSEndpoint
Cmdlet Get-ADFSProxyConfiguration
Cmdlet Get-ADFSRelyingPartyTrust
Cmdlet Get-ADFSSyncConfiguration
Cmdlet Get-ADFSAttributeStore
Cmdlet Get-ADFSCertificate
Cmdlet Get-ADFSClaimDescription
Cmdlet Get-ADFSClaimsProviderTrus
Cmdlet Get-ADFSConfiguration
Cmdlet Get-ADFSEndpoint
Cmdlet Get-ADFSProxyConfiguration
Cmdlet Get-ADFSRelyingPartyTrust
Cmdlet Get-ADFSSyncConfiguration
That will only get you servers within the ADFS farm.
You will probably have to check all servers if role is installed
You will probably have to check all servers if role is installed
Yes, like the below script for example:
You can Export the data into an excel file by piping the last cmdlet of the script into Export-CSV cmdlet.
Note: ADFS role: adfs-federation
This Script just gives you Installed Roles, Not the installed features.
To include features as well in the results, please remove the -and $_.featuretype -eq ‘Role’ from the script
$domain= 'DOMAIN\Username'
$pass=ConvertTo-SecureString -String 'YourPassword' -AsPlainText -Force
$creds=New-Object System.Management.Automation.pscredential -ArgumentList $domain, $pass
(Get-Content C:\Servers.txt| `
Foreach{Invoke-Command -ComputerName $_ -Verbose -ScriptBlock{get-windowsfeature | `
Where-Object{$_.installed -eq $true -and $_.featuretype -eq 'Role'} |
select name, installed -ExcludeProperty subfeatures} -Credential $creds}) | `
Format-Table -Property Name, Installed, @{name='Server Name';expression={$_.pscomputername}} -AutoSizeYou can Export the data into an excel file by piping the last cmdlet of the script into Export-CSV cmdlet.
Note: ADFS role: adfs-federation
This Script just gives you Installed Roles, Not the installed features.
To include features as well in the results, please remove the -and $_.featuretype -eq ‘Role’ from the script
I like IT suggestion. I would take that and replace the get-content block with
Get-ADComputer -Filter {(OperatingSystem -like "*windows*server*") -and (Enabled -eq "True")}
Get-ADComputer -Filter {(OperatingSystem -like "*windows*server*") -and (Enabled -eq "True")}
Also why do you think you have more than one ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks all for your help!
Did you find any other rogue ADFS servers ?
How many do you think your have?