Test-ComputerSecureChannel
Tests and repairs the secure channel between the local computer and its domain.
Syntax
Test-ComputerSecureChannel
[-Repair]
[-Server <String>]
[-Credential <PSCredential>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Test-ComputerSecureChannel cmdlet verifies that the channel between the local computer and its domain is working correctly by checking the status of its trust relationships. If a connection fails, you can use the Repair parameter to try to restore it.
Test-ComputerSecureChannel returns $True if the channel is working correctly and $False if it is not. This result lets you use the cmdlet in conditional statements in functions and scripts. To get more detailed test results, use the Verbose parameter.
This cmdlet works much like NetDom.exe. Both NetDom and Test-ComputerSecureChannel use the NetLogon service to perform the actions.
Examples
Example 1: Test a channel between the local computer and its domain
PS C:\> Test-ComputerSecureChannel
TrueThis command tests the channel between the local computer and the domain to which it is joined.
Example 2: Test a channel between the local computer and a domain controller
PS C:\> Test-ComputerSecureChannel -Server "DCName.fabrikam.com"
TrueThis command specifies a preferred domain controller for the test.
Example 3: Reset the channel between the local computer and its domain
PS C:\> Test-ComputerSecureChannel -Repair
TrueThis command resets the channel between the local computer and its domain.
Example 4: Display detailed information about the test
PS C:\> Test-ComputerSecureChannel -verbose
VERBOSE: Performing operation "Test-ComputerSecureChannel" on Target "SERVER01".
True
VERBOSE: "The secure channel between 'SERVER01' and 'net.fabrikam.com' is alive and working correctly."This command uses the Verbose common parameter to request detailed messages about the operation. For more information about Verbose, see about_CommonParameters.
Example 5: Test a connection before you run a script
PS C:\> Set-Alias tcsc Test-ComputerSecureChannel
if (!(tcsc))
{Write-Host "Connection failed. Reconnect and retry."}
else { &(.\Get-Servers.ps1) }This example shows how to use Test-ComputerSecureChannel to test a connection before you run a script that requires the connection.
The first command uses the Set-Alias cmdlet to create an alias for the cmdlet name. This saves space and prevents typing errors.
The If statement checks the value that Test-ComputerSecureChannel returns before it runs a script.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Credential
Specifies a user account that has permission to perform this action. Type a user name, such as User01 or Domain01\User01, or enter a PSCredential object, such as one that the Get-Credential cmdlet returns. By default, the cmdlet uses the credentials of the current user.
The Credential parameter is designed for use in commands that use the Repair parameter to repair the channel between the computer and the domain.
| Type: | PSCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Repair
Indicates that this cmdlet removes and then rebuilds the channel established by the NetLogon service. Use this parameter to try to restore a connection that has failed the test.
To use this parameter, the current user must be a member of the Administrators group on the local computer.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Server
Specifies the domain controller to run the command. If this parameter is not specified, this cmdlet selects a default domain controller for the operation.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
You cannot pipe input to this cmdlet.
Outputs
This cmdlet returns $True if the connection is working correctly and $False if it is not.
Notes
- To run a Test-ComputerSecureChannel command on Windows Vista and later versions of the Windows operating system, open Windows PowerShell by using the Run as administrator option.
- Test-ComputerSecureChannel is implemented by using the I_NetLogonControl2 function, which controls various aspects of the Netlogon service.