23 June,2021 by Rambler

Question: How can I get the subnets of a server's Active Directory  site?


Answer: There are a few different methods, typically it can be a complex issue to get the subnets of the Active Directory site. The Powershell Active Directory Modules are comprehensive and with loads of options. 

Before we go through the steps let's just take a look at some basic AD information you can gather from a server. From a server attached to an AD - execute the command -

nltest /DSGETDC:

DC: \\
Address: \\
Dom Guid: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dom Name:
Forest Name:
Dc Site Name: myDCsitename
Our Site Name: myDCadsite


This indicates your logon has the privileges to gather the data .But it won't return the subnets. We'll need to extract the AD site name , and then use some extra Powershell commands - Get-ADRootDSE and Get-ADObject 


The 2 step method   will return the subnets 

Step 1 : Get the AD site of the server . Run the command on the server. This will return the current Active Directory site of the server. This specific command will return only the Active Directory Site

nltest /server:myserver /dsgetsite


Step 2 : Get the subnets attached to the AD site 

$ADsiteName = "RedhillDevGbdaSite"
$configCnc = (Get-ADRootDSE).ConfigurationNamingContext
$siteContainerDN = (“CN=Sites,” + $configCnc)
$ADsiteDN = “CN=” + $ADsiteName + “,” + $siteContainerDN
$ADsiteOBJ=Get-ADObject -Identity $ADsiteDN -properties *

foreach ($subnetDN in $siteObj.siteObjectBL)
$subNet=Get-ADObject -Identity $subnetDN


Author: Rambler (


