Depending on your environment, default well-known containers may have been renamed or, for example, default locations for new users and computers may have been changed using REDIRUSR.EXE and REDIRCMP.EXE. If you need the actual DNs, you have to read the WKOs from domain object and look at the GUID part because those are fixed:
PowerShell
$server = "<server>"
$user = "<username>"
$pwd = "<password>"
$rootDSE = [System.DirectoryServices.DirectoryEntry]::new("LDAP://$server/RootDSE",$user,$pwd,[System.DirectoryServices.AuthenticationTypes]::Secure)
$rootDSE.RefreshCache()
$domain = $rootDSE.defaultNamingContext
$domainEntry = [System.DirectoryServices.DirectoryEntry]::new("LDAP://$server/$domain",$user,$pwd,[System.DirectoryServices.AuthenticationTypes]::Secure)
$domainEntry.RefreshCache()
foreach ($wko in $domainEntry.wellKnownObjects) {
$type = $wko.GetType()
$dn = $type.InvokeMember("DNString", [System.Reflection.BindingFlags]::GetProperty, $null, $wko, $null)
$guidarr = $type.InvokeMember("BinaryValue", [System.Reflection.BindingFlags]::GetProperty, $null, $wko, $null)
$guid = ([System.Guid]::new($guidarr)).Guid
"{$($guid)} $dn"
}The output will look like this:
{aff02762-c21f-0d41-8e3b-b10615bb5b0f} CN=NTDS Quotas,DC=tailspin-lab,DC=de
{a492bef4-77c7-5e48-878e-9421d53087db} CN=Microsoft,CN=Program Data,DC=tailspin-lab,DC=de
{080c4609-1eae-4e4a-a0f6-4aee7daa1e5a} CN=Program Data,DC=tailspin-lab,DC=de
{670cb722-6ed5-fb4e-91e9-300fca3dc1aa} CN=ForeignSecurityPrincipals,DC=tailspin-lab,DC=de
{80eae218-4f68-d211-b9aa-00c04f79f805} CN=Deleted Objects,DC=tailspin-lab,DC=de
{87c1ba2f-de0a-d211-97c4-00c04fd8d5cd} CN=Infrastructure,DC=tailspin-lab,DC=de
{b75381ab-8876-d111-aded-00c04fd8d5cd} CN=LostAndFound,DC=tailspin-lab,DC=de
{f3301dab-8876-d111-aded-00c04fd8d5cd} CN=System,DC=tailspin-lab,DC=de
{ffb261a3-d2ff-d111-aa4b-00c04fd7d83a} OU=Domain Controllers,DC=tailspin-lab,DC=de
{252831aa-8876-d111-aded-00c04fd8d5cd} CN=Computers,DC=tailspin-lab,DC=de
{15cad1a9-8876-d111-aded-00c04fd8d5cd} CN=Users,DC=tailspin-lab,DC=de