Search for Preferred Bridgehead servers

Just a quickie for today. I was talking to a friend about Preferred Bridgehead servers. This is an old-fashioned feature from the bad old days where hardware was expensive and firewalls were everywhere. A preferred bridgehead is the preferential replication partner for DCs in other sites, and is used to exclude the other DCs in the same site from intersite replication. Sounds fine, but the downside is that it takes manual maintenance of a rather obscure feature.

Anyway, we needed to know if there were any preferred bridgehead servers without clicking though the dssite.msc GUI for hours. This will show you:

 Get-ADObject -searchbase (Get-ADRootDSE).configurationnamingcontext -filter 'objectclass -eq "server"' -Properties bridgeheadtransportlist |
format-table -AutoSize name,bridgeheadtransportlist

It will give you a list of all DCs with their preferred bridgehead setting. Note that the attribute is unset if a DC is not a preferred bridgehead. The list may also contain DCs that no longer exist.

Comments

• Anonymous
  May 18, 2016
  BridgeheadTransportList does not appear to be a property in the Get-ADObject results... I'm running as a domain admin in the root domain. Does it require enterprise admin rights ?
  • Anonymous
    May 18, 2016
    Hi Kirk,You don't need much for this. Any authenticated user can run this query, from any domain in the forest. The expectation is that the attribute bridgeheadTransportList is unset for all DCs that are not preferred bridgehead servers. I did update the powershell code using different formatting. See if that works better for you.