Good points, Brian.

ASB

On Wed, Sep 22, 2010 at 4:19 PM, Brian Desmond <[email protected]> wrote:

> Andrew-
>
> The way that option works is it creates an NDNC aka Application Partition and the DCs hosting DNS enlist in it. It’s possible that either a) DCs without DNS are enlisted in it for replication or b) vice versa (though this may be semi-protected against). It’s also possible to create custom NDNCs for DNS with custom replication scopes.
>
> I’m guessing the OP probably has a relatively small/simple environment and this is all overthinking, but, in a large AD environment there’s going to be a lot of variables to actually track down a proper list.
>
> Thanks,
> Brian Desmond
> [email protected]
>
> c – 312.731.3132
>
> From: Andrew S. Baker [mailto:[email protected]]
> Sent: Wednesday, September 22, 2010 3:07 PM
> To: NT System Admin Issues
> Subject: Re: Show all DNS Servers in AD
>
> I would think that AD has some way of tracking all DNS servers in a forest, because it allows you to replicate a zone to all DNS servers in a forest or domain.
>
> One way to get at least a partial list of DNS servers would be via NSLOOKUP
>
>     nslookup -type=ns yourlocaldomain.tld
>
> ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>
> Exploiting Technology for Business Advantage...
>
> On Wed, Sep 22, 2010 at 3:29 PM, Brian Desmond <[email protected]> wrote:
>
> There’s no such listing. DHCP authorizations actually create objects in AD to track them.
>
> You’d need to find all the DNS application partitions and what’s hosted under them (plus zones hosted under the domain NC) and then inspect the replica list for each one and merge. That wouldn’t get you any DNS server which isn’t hosting any AD integrated zones. Finally, you’d need to check for the presence of DNS on each replica as it’s possible the data is replicated to the DC but there is no DNS service on there.
>
> Thanks,
> Brian Desmond
> [email protected]
>
> c – 312.731.3132
>
> From: Webster [mailto:[email protected]]
> Sent: Wednesday, September 22, 2010 2:23 PM
> To: NT System Admin Issues
> Subject: Show all DNS Servers in AD
>
> To find all authorized DHCP servers in AD I can enter:
>
>     Netsh dhcp show server
>
> Netsh does not have a DNS parameter. Is there a command I can run to list all DNS servers in AD? I couldn’t find anything useful using dnscmd.
>
> Thanks
>
> Webster
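
The procedure described in the thread (find the partitions that hold DNS zones, merge their replica lists, then check each replica for a DNS service), written out as an added PowerShell example that is not part of the original messages. It assumes the RSAT ActiveDirectory module and read access across the forest, and it uses TCP/53 reachability as a stand-in for "DNS service is present"; the helper names `Add-Holder` and `Test-HasDnsZone` are hypothetical. As the thread notes, DNS servers that host no AD-integrated zones will not appear.

```powershell
# Added example. Assumes the RSAT ActiveDirectory module, forest-wide read
# access, and that TCP/53 reachability from this host indicates a DNS service.
Import-Module ActiveDirectory

$forest  = Get-ADForest
$config  = (Get-ADRootDSE).configurationNamingContext
$holders = @{}   # DC host name -> DNS-bearing naming contexts it replicates

function Add-Holder([string]$HostName, [string]$NC) {
    if (-not $HostName) { return }
    if (-not $holders.ContainsKey($HostName)) { $holders[$HostName] = @() }
    $holders[$HostName] += $NC
}

function Test-HasDnsZone([string]$Server, [string]$SearchBase) {
    # True if at least one dnsZone object exists under $SearchBase on $Server.
    try {
        [bool](Get-ADObject -Server $Server -SearchBase $SearchBase `
            -LDAPFilter '(objectClass=dnsZone)' -ResultSetSize 1)
    } catch { $false }   # container missing or server unreachable
}

# 1. Application partitions (NDNCs): replicas are listed on the crossRef object.
$crossRefs = Get-ADObject -SearchBase "CN=Partitions,$config" `
    -LDAPFilter '(msDS-NC-Replica-Locations=*)' `
    -Properties nCName, 'msDS-NC-Replica-Locations'
foreach ($cr in $crossRefs) {
    $dcs = @(foreach ($ntds in $cr.'msDS-NC-Replica-Locations') {
        # Value is an NTDS Settings DN; the parent server object has dNSHostName.
        (Get-ADObject ($ntds -replace '^CN=NTDS Settings,', '') -Properties dNSHostName).dNSHostName
    })
    if ($dcs -and (Test-HasDnsZone $dcs[0] $cr.nCName)) {
        $dcs | ForEach-Object { Add-Holder $_ $cr.nCName }
    }
}

# 2. Zones stored in a domain NC replicate to every DC of that domain.
foreach ($domain in $forest.Domains) {
    $dn = (Get-ADDomain -Server $domain).DistinguishedName
    if (Test-HasDnsZone $domain "CN=MicrosoftDNS,CN=System,$dn") {
        Get-ADDomainController -Filter * -Server $domain | ForEach-Object { Add-Holder $_.HostName $dn }
    }
}

# 3. Merge, then check each replica for a listening DNS service.
$holders.GetEnumerator() | Sort-Object Name | ForEach-Object {
    [pscustomobject]@{
        Server     = $_.Name
        Partitions = ($_.Value | Sort-Object -Unique) -join '; '
        DnsPort53  = Test-NetConnection -ComputerName $_.Name -Port 53 -InformationLevel Quiet -WarningAction SilentlyContinue
    }
}
```

A row with `DnsPort53` false is the case raised in the thread: the DC replicates DNS data but runs no DNS service, or port 53 is filtered from the host running the check.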
