Enumerate all domain controllers
Get all domain controllers inside the domain corp.contoso.local
C:\> nltest /dclist:corp.contoso.local
C:\> nslookup -type=all _ldap._tcp.dc._msdcs.corp.contoso.local
C:\> net group "domain controllers" /domain
Which domain controller authenticated my session?
C:\>echo %LOGONSERVER%
C:\> nltest /dsgetdc:corp.contoso.local
Enumerate all domain controllers
PS C:\> Get-DomainController
Enumerate individual domain controller
PS C:\> Get-DomainComputer CDC001
Enumerate all domain controllers
PS C:\> ([ADSISearcher]"(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))").FindAll()