Enumerating Domain Trusts & Forest Trusts

PowerView

Get list of all domain trusts for the current domain

Get-NetDomainTrust

Get list of all domain trusts for another domain

Get-NetDomainTrust -Domain <DOMAIN NAME>

Get details about the current forest

Get-NetForest

Get details about another forest

Get-NetForest -Forest <FOREST NAME>

Get all domains in the current forest

Get-NetForestDomain

Get all domains in another forest

Get-NetForestDomain -Forest <FOREST NAME>

Get all Global Catalogs for the current forest

Get-NetForestCatalog

Get all Global Catalogs for another forest

Get-NetForestCatalog -Forest <FOREST NAME>

Get list of forest trusts for the current forest (Excludes external trust)

Get-NetForestTrust

Get list of forest trusts for the another forest

Get-NetForestTrust -Forest <FOREST NAME>

Get mapping of trusts and direction from current domain

Get-NetForestDomain | Get-NetDomainTrust

Get mapping of trusts and direction from another domain

Get-NetForestDomain -Forest <FOREST NAME> | Get-NetDomainTrust

Get the external forest trusts only

Get-NetForestDomain -Verbose | Get-NetDomainTrust | ?{$_.TrustType -eq 'External'}

Get the external domain trusts only

Get-NetDomainTrust | ?{$_.TrustType -eq 'External'}

Active Directory Module

Get list of all domain trusts for the current domain

Get-ADTrust -Filter *

Get list of all domain trusts for another domain

Get-ADTrust -Filter * -Identity <DOMAIN NAME>

Get details about the current forest

Get-ADForest

Get details about another forest

Get-ADForest -Identity <FOREST NAME>

Get all domains in the current forest

(Get-ADForest).Domains

Get all domains in another forest

(Get-ADForest -Identity <FOREST NAME> ).Domains

Get all Global Catalogs for the current forest

Get-ADForest | Select -ExpandProperty GlobalCatalogs

Get all Global Catalogs for another forest

Get-ADForest -Identity <FOREST NAME> | Select -ExpandProperty GlobalCatalogs

Get mapping of trusts and direction from current domain

 Get-ADTrust -Filter * | Select Name,Direction,ForestTransitive,IntraForest,IsTreeParent,IsTreeRoot | ft

Get mapping of trusts and direction from another domain

 Get-ADTrust -Filter * -Server <DOMAIN NAME> | Select Name,Direction,ForestTransitive,IntraForest,IsTreeParent,IsTreeRoot | ft

Get the external domain trusts only from current domain

(Get-ADForest).Domains | %{Get-ADTrust -Filter '(intraForest -ne $True) -and (ForestTransitive -ne $True)' -Server $_}

Get-ADTrust -Filter '(intraForest -ne $True) -and (ForestTransitive -ne $True)'

Get the external domain trusts only from another domain

(Get-ADForest -Server <DOMAIN NAME> ).Domains | %{Get-ADTrust -Filter '(intraForest -ne $True) -and (ForestTransitive -ne $True)' -Server $_}
PreviousEnumerating ACLsNextUser Hunting

Last updated