Hmm. Can a non-perl person understand the perl code...
Depends on the non-perl person I guess. That perl that makes up that script is
not the easiest to convert to vbscript. If vbscript would have been easy to do
this in, I probably would have gone that way, overall though I have to say that
I don't much like vbscript. It isn't that I don't code in it, just don't prefer
to. Whereas perl makes difficult things easy, vbscript seems to like to make
some difficult things impossible and easy things merely difficult. Vbscript's
strong point is not text manipulation.
You don't need to know perl to use that script, simply
download perl (preferably from activestate.com) and load it and run the script.
It should work from any 2K+ machine just fine. You most certainly should be able
to tweak it around to make it display the info differently etc.
Yes DEC did occur, it was last week. Very good conference.
-------------
http://www.joeware.net (download joeware)
http://www.cafeshops.com/joewarenet (wear joeware)
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of AD
Sent: Friday, March 26, 2004 7:19 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?
Yep, I'm looking for the hostname. The hostname is not
stored in a separate attribute that I can see. You definitely found the right
attribute. Is that funky or what?
I agree with you,
LDAP all the way baby. Can a non perl person understand the perl code and
convert it VBScript easily? I'm a vbscript person myself.
I was at the
conference last year, the one hosted in Ottawa. I believe this year it's in
Washington. Has it happened yet? Plenty of good information there for sure.
Thanks
Yves
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joe
Sent: Friday, March 26, 2004 5:22 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?
Sent: Friday, March 26, 2004 5:22 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?
Interesting problem.
What specifically do you need out of the octet string, just
the host name?
Anyone have a map of what exactly is in octet string or
what data should be in it even if you don't know the format? I would assume
probably serial number and some other info? It isn't in MSDN that I see.
dn:DC=0,DC=20.10.169.in-addr.arpa,CN=MicrosoftDNS,CN=System,DC=joehome,DC=com
>dnsRecord: 0B00 0C00 05F0 0000 0200 0000 0000 0E10 0000 0000 0000 0000 0901 0762 6F62 7465 7374 00
>dnsRecord: 0B00 0C00 05F0 0000 0200 0000 0000 0E10 0000 0000 0000 0000 0901 0762 6F62 7465 7374 00
dn:DC=1,DC=20.10.169.in-addr.arpa,CN=MicrosoftDNS,CN=System,DC=joehome,DC=com
>dnsRecord: 0C00 0C00 05F0 0000 0300 0000 0000 0E10 0000 0000 0000 0000 0A01 0862 6F62 7465 7374 3200
>dnsRecord: 0C00 0C00 05F0 0000 0300 0000 0000 0E10 0000 0000 0000 0000 0A01 0862 6F62 7465 7374 3200
From this it appears that the hostname starts at about the
13th dword. So above would be 0A01 0862 6F62 7465 7374 3200 and 0A01 0862 6F62
7465 7374 3200 for the names which would resolve into bobtest and bobtest2.
This could be done fairly painlessly with perl I think...
As for Al's question about why enumerate via LDAP? Because
its there baby, that is the beauty of using LDAP. If you aren't going to do LDAP
queries, might as well be using a SQL Server or flat file or something.
Let me see what I can do with this. I just put the
Disturbed CD in, feeling like doing some hacking.
BTW, if you didn't go to the Directory Experts Conference,
you missed a good time. NetPro did a good job and there was a lot of good
discussions. Plus some of the stuff Stuart was talking about was pretty darn
cool.
-------------
http://www.joeware.net (download joeware)
http://www.cafeshops.com/joewarenet (wear joeware)
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of AD
Sent: Friday, March 26, 2004 3:18 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?
David,
I am sure it will work but my DNS as over
45000+ objects and it is running on a production network. It scares me a little
to do that.
Y
From: Chianese, David P.
Sent: Fri 26/03/2004 2:47 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?
As Al
mentioned, why not convert the zone to Std. Primary and take a copy of the zone
files that are written to disk. Then revert it back to ADI. I have
done this before without incident to supply our BIND unix servers
copies (or pieces) of our zone files. I have done this in the past for
stale PTR records as well.
Regards,
Dave
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of AD
Sent: Friday, March 26, 2004 2:30 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?I am looking for duplicate registrations in the reverse lookup zone. I am hoping to export everything to txt (40000+ objects) file so I can parse using excel. I actually found the article you mention but the I have to install the WMI provider on the DC. I am hoping to avoid this if I can. Tha't why I am hoping to use LDAP with some sort of OctetString converter.Y
From: Mulnick, Al
Sent: Fri 26/03/2004 1:04 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?You mean like a zone transfer?DNS.CMD could be useful, scripting could be useful such as this one http://www.microsoft.com/technet/community/scriptcenter/network/scnet163.mspx (note the requirements).DNSLINT might have some value for you as well.Heck, Nslookup in a loop might be useful but you'd have to know what you're going after.Saying all of that, you could transfer the zone to a non-integrated instance and parse the zone file if you really wanted to.I'd opt for the script, but that's me.Al
From: AD [mailto:[EMAIL PROTECTED]
Sent: Friday, March 26, 2004 1:00 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?Hi Al,Can you elaborate how I can export the entire zone via DNS.ThanksYves
From: Mulnick, Al
Sent: Fri 26/03/2004 11:57 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Anyone ever convert dnsRecord attribute?Why do you want to enumerate via LDAP? Why not via DNS?
From: AD [mailto:[EMAIL PROTECTED]
Sent: Friday, March 26, 2004 11:39 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Anyone ever convert dnsRecord attribute?Help,We have a DNS integrated zone and I have a need to enumerate all reverse lookup records. Unfortunetaly the computer name in saved in a octectstring format attribute called dnsRecord.Lookup a record in theDC=xx.in-addr.arpa,CN=MicrosoftDNS,CN=System,DC=DomainName"container and you will see what I am talking about.As anyone ever written a function to convert this octetstring to something that is readable?ThanksYves St-Cyr
