PowerShell – How-To Retrieve SPNs for all Servers

Yet another short one with little context or reason.

A colleague of mine needed a list of all Service Principal Names assigned to all servers on the estate. Searches online brought us to a few potential solutions, most of which used .NET classes that were difficult to use and understand and appeared to be limited to only 1000 results.

So that got me thinking: these are just Active Directory attributes, so why not use PowerShell's very own Get-ADComputer?

The script below lists every server in Active Directory along with all of its assigned SPNs, then exports the list to a CSV.

The Script

# Requires the ActiveDirectory module (RSAT)
Import-Module ActiveDirectory

# Change this to change where the resulting CSV will appear
$exportLocation = "C:\temp\export.csv"

# Get the list of all servers on the domain that are enabled, expand the ServicePrincipalName so that we get a list
$allServers = Get-ADComputer -Filter { OperatingSystem -Like '*Windows Server*' -and Enabled -eq $True } -Properties Name, ServicePrincipalName |
    Select-Object Name, @{Name="ServicePrincipalNames"; Expression={$_.ServicePrincipalName -join "`n"}}

# Export the list to a CSV (-NoClobber refuses to overwrite an existing file)
$allServers | Export-Csv -Path $exportLocation -NoClobber -NoTypeInformation
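
The script above puts every SPN for a server into one multi-line CSV cell. As an added example (not part of the original post), the variant below emits one row per SPN, splits each SPN into its parts, and flags any SPN that appears on more than one server. The function name ConvertTo-SpnRow, the sample servers and the output path are assumptions made for illustration.

```powershell
# Added example: one row per SPN, with duplicate SPNs flagged.
function ConvertTo-SpnRow {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        $Computer   # any object with Name and ServicePrincipalName properties
    )
    process {
        foreach ($spn in @($Computer.ServicePrincipalName)) {
            if ([string]::IsNullOrWhiteSpace($spn)) { continue }   # server with no SPNs
            # SPN syntax: serviceclass/host[:port][/servicename]
            $parts    = @($spn -split '/', 3)
            $hostPart = if ($parts.Count -gt 1) { $parts[1] } else { '' }
            $hostPort = @($hostPart -split ':', 2)
            [pscustomobject]@{
                Server       = $Computer.Name
                SPN          = $spn
                ServiceClass = $parts[0]
                HostName     = $hostPort[0]
                Port         = if ($hostPort.Count -gt 1) { $hostPort[1] } else { '' }  # SQL may put an instance name here
                ServiceName  = if ($parts.Count -gt 2) { $parts[2] } else { '' }
            }
        }
    }
}

# Constructed sample objects standing in for Get-ADComputer output
$sample = @(
    [pscustomobject]@{ Name = 'SRV-SQL01'; ServicePrincipalName = @('MSSQLSvc/srv-sql01.example.test:1433', 'HOST/srv-sql01.example.test') }
    [pscustomobject]@{ Name = 'SRV-SQL02'; ServicePrincipalName = @('MSSQLSvc/srv-sql01.example.test:1433', 'HOST/srv-sql02.example.test') }
    [pscustomobject]@{ Name = 'SRV-FILE01'; ServicePrincipalName = $null }
)
$rows = @($sample | ConvertTo-SpnRow)

# Against a live domain, feed the same query the script above uses:
# $rows = Get-ADComputer -Filter { OperatingSystem -Like '*Windows Server*' -and Enabled -eq $True } -Properties ServicePrincipalName | ConvertTo-SpnRow

# An SPN must be unique; the same value on two accounts causes Kerberos
# authentication failures for that service. Group-Object compares case-insensitively.
$rows | Group-Object -Property SPN | Where-Object { $_.Count -gt 1 } | ForEach-Object {
    'Duplicate SPN {0} on: {1}' -f $_.Name, ($_.Group.Server -join ', ')
}

# Assumed output path; one SPN per row makes the CSV filterable by ServiceClass or HostName
$outFile = Join-Path ([IO.Path]::GetTempPath()) 'spn-rows.csv'
$rows | Export-Csv -Path $outFile -NoTypeInformation
```

This only compares SPNs across the computer accounts passed in; a duplicate held by a user or service account would need those accounts included in the input as well.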
