Curiosity got the better of me today and I decided I wanted to find out the exact date of when our Active Directory Forest was first installed.
It would have to have been waaaay before my time at the company and would obviously have gone through many schema updates and functional level upgrades as DC’s were added and upgraded.
The usual place to start digging for this sort of info would be ADSIEdit.
**Warning ** Playing around in ADSIEdit can be dangerous and lead to long, complicated restore activities including Forest level Recovery. This is NOT FUN. SO be careful !
Open ADSI edit from your management/jump server and connect to the Configuration Partition and expand the tree;
Open the top level CN and then click on the Partitions Canonical Name object;
In the right pane, you will see a range of ‘crossRef’ objects, and likely ion the bottom of the list will be with the Netbios name of your Domain; Right click it and choose Properties, scroll down and find the ‘whenCreated’ attribute.
That’s it!
In this case, it was created on the 27th September 2009 @ 2.36pm. What an auspicious day !
Of course, there has to be an easier way, with less clicks. Enter Powershell 🙂
Make sure you have the AD module in your session;
Now this is a long command beginning with Get-AdObject. This is also an ‘expensive’ command, particularly if you have a large domain/forest.
|
1 |
['Get-ADObject -SearchBase (Get-ADForest).PartitionsContainer -LDAPFilter "(&(objectClass=crossRef)(systemFlags=3))" -Property dnsRoot, nETBIOSName, whenCreated | Sort-Object whenCreated | ft dnsRoot, nETBIOSName, whenCreated -AutoSize'] |
Voila !