RE: [ActiveDir] Enumerating DCs from a workstation that is not me mber of domain.

Mon, 17 May 2004 08:58:36 -0700

Title: RE: [ActiveDir] Enumerating DCs from a workstation that is not member of domain.
This is actually pretty easy! If you have name visibility (i.e., via DNS or WINS) to the domain, a DC name isn't required -- it's just one of the options. Just specify the domain name (or the WINS name or a single DC name). You can use InputBox to get it. Then slightly modify recipe 3.8 from the Active Directory Cookbook, by specifying either the domain name or the DC name in the binds. To wit:
 
' ------ SCRIPT CONFIGURATION ------
strDomain = InputBox ("Enter domain name or DC name")
' ------ END CONFIGURATION ---------
 
set objRootDSE = GetObject("LDAP://" & strDomain & "/RootDSE")
set objDomain = GetObject("LDAP://" & strDomain & "/" & objRootDSE.Get("defaultNamingContext"))
strMasteredBy = objDomain.GetEx("masteredBy")
for each strNTDSDN in strMasteredBy
   set objNTDS = GetObject("LDAP://" & strDomain & "/" & strNTDSDN)
   set objServer = GetObject(objNTDS.Parent)
   Wscript.echo objServer.Get("dNSHostName")
next
 
In my environment I can run this on standalone servers and specify
 
1) a/d domain name (brnets.local)
2) WINS domain name (brnets)
3) DC computer name (orange.brnets.local)
 
It's all good.


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of AD
Sent: Saturday, May 15, 2004 5:56 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Enumerating DCs from a workstation that is not me mber of domain.

Al,
 
You hit the nail on the head about my intentions. I did say vbscript or vb.net but I still appreciate that the fine folk in this forum are trying to help me.
 
I read the code in the link provided. Looks great but the workstations I am adding to the domain are w2k Pro. Just my luck. :-)
 
The problem with LDAP searching for DCs is your need to specify a DC name in your query.  You cannot perform a serverless bind unless your workstation is a member of the domain. Hard coding a server name is not an option because as we all know, servers change. I am starting to think that capturing the output of NSLookup is the only solution. Not pretty but it will work.  
 
Y
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Friday, May 14, 2004 10:12 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Enumerating DCs from a workstation that is not me mber of domain.

I think the original request was that it be vbscript or vb.net.  I suppose you could wrap the call, but I'm not sure it meets what he's looking for. 
 
Additionally, I think we overcomplicated the request.  I think he just wants to be able to add to a workstation to a domain which is a script similar to http://www.microsoft.com/technet/community/scriptcenter/compmgmt/scrcm31.mspx which uses the netbios or shortname of the domain to join (as does the built in pieces).
 
Otherwise, why do you want to find the members of a domain from a non-member workstation if not to join?  Is there something else you're after?  If so, you may want to investigate LDAP searching for DC's in a domain.  You can pass the creds to the domain that are required for searching.  DNS will do it, and the DNSGetHostbyname or sister method should be helpful there. 
 
Al
 
 

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 13, 2004 6:39 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Enumerating DCs from a workstation that is not me mber of domain.

This should be what you want...
http://msdn.microsoft.com/library/default.asp?url="">

From: AD [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 13, 2004 5:34 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Enumerating DCs from a workstation that is not me mber of domain.

The problem with name resolution is the fact that you have to HARD Code your server names. That is what I am trying to stay away from.

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Thursday, May 13, 2004 4:42 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Enumerating DCs from a workstation that is not me mber of domain.

Huh?  Wouldn't the name resolution calls work better then?
http://msdn.microsoft.com/library/default.asp?url="">
 
 
 
 
Al
 
 
 
 

From: AD [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 13, 2004 3:46 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Enumerating DCs from a workstation that is not member of domain.

Believe it or not Mike I gave that idea a lot of thought. NSLookup -t NS DomainName.com. But I would have to create a shell object, capture the output to a file and then parse it. Not the cleanest solution.
 
I was hoping to find an object that will kinda do it all.

From: [EMAIL PROTECTED] on behalf of Thommes, Michael M.
Sent: Thu 5/13/2004 10:10 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Enumerating DCs from a workstation that is not member of domain.

Couldn't you just query DNS (ie, nslookup aa.bb.cc) and look at the IPs returned?

Mike Thommes

-----Original Message-----
From: AD [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 13, 2004 8:47 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Enumerating DCs from a workstation that is not
member of domain.


Hey Guys,

I am looking for a vb script or vb.net code that would return domain controllers (names or ip addresses) of a specific domain name on a workstation that is NOT member of the domain.

When you add a computer to a domain (right click "my computer", properties, Computer Name, Change) you specify a domain name. When you click on ok it will ask you for a username and password right? When you click "ok" the computer must talk with a domain controller to add your computer to the domain right? I basically need that functionality.

Thank you in advance.


Yves St-Cyr
List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/


List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

Reply via email to