While troubleshooting an issue for a peer today running the Exchange Hybrid Configuration Wizard, I suspected that the environment might have an authenticated proxy in the way. So, I dug out some code I used in the AAD Connect Network Test for Invoke-WebRequest.
But, when you’re dealing with an authenticated proxy that uses some flavor of Windows Integrated Authentication, your checks may fail–or succeed (which is kind of like failing in this instance, since we’re not actually checking the running configuration) since your browser may have already authenticated itself.
That’s when you’ll need to run it in the System context. To do this, the easy way is via PSExec -s -i powershell.exe, and then use the tool with the -OnlineEndPoints test.
Of course, when I thought of running AAD Connect network testing tool like that, I ran into a problem with detecting the local DC and FQDN, since I derived those from env:LOGONSERVER and env:USERDNSDOMAIN–neither of which exist when SYSTEM logs on.
I’ve updated the script to skip the Active Directory checks when those values aren’t available, so you won’t get errors on startup when you’re testing for it. I’m working up a new way to conduct this, but for now, this will get you through. The updated version is in the gallery now.