Andrew- The way that option works is it create an NDNC aka Application Partition and the DCs hosting DNS enlist in it. It's possible that either a) DCs without DNS are enlisted in it for replication or b) vice versa (though this may be semi-protected against). It's also possible to create custom NDNCs for DNS with custom replication scopes.
I'm guessing the OP probably has a relatively small/simple environment and this is all over thinking, but, in a large AD environment there's going to be a lot of variables to actually track down a proper list. Thanks, Brian Desmond [email protected] c - 312.731.3132 From: Andrew S. Baker [mailto:[email protected]] Sent: Wednesday, September 22, 2010 3:07 PM To: NT System Admin Issues Subject: Re: Show all DNS Servers in AD I would think that AD has some way of tracking all DNS servers in a forest, because it allows you to replicate a zone to all DNS servers in a forest or domain. One way to get at least a partial list of DNS servers would be via NSLOOKUP nslookup -type=ns yourlocaldomain.tld ASB (My XeeSM Profile)<http://XeeSM.com/AndrewBaker> Exploiting Technology for Business Advantage... On Wed, Sep 22, 2010 at 3:29 PM, Brian Desmond <[email protected]<mailto:[email protected]>> wrote: There's no such listing. DHCP authorizations actually create objects in AD to track them. You'd need to find all the DNS application partitions and what's hosted under them (plus zones hosted under the domain NC) and then inspect the replica list for each one and merge. That wouldn't get you any DNS server which isn't hosting any AD integrated zones. Finally you'd need to check for the presence of DNS on each replica as it's possible the data is replicated to the DC but there is no DNS service on there. Thanks, Brian Desmond [email protected]<mailto:[email protected]> c - 312.731.3132 From: Webster [mailto:[email protected]<mailto:[email protected]>] Sent: Wednesday, September 22, 2010 2:23 PM To: NT System Admin Issues Subject: Show all DNS Servers in AD To find all authorized DHCP servers in AD I can enter: Netsh dhcp show server Netsh does not have a DNS parameter. Is there a command I can run to list all DNS servers in AD? I couldn't find anything useful using dnscmd. Thanks Webster ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
