3.8. Finding the Domain Controllers for a Domain

Problem

You want to find the domain controllers in a domain.

Solution

Using a graphical user interface

  1. Open the Active Directory Users and Computers snap-in.

  2. Connect to the target domain.

  3. Click on the Domain Controllers OU.

  4. The list of domain controllers for the domain will be present in the right pane.

Using a command-line interface

> netdom query dc /Domain:<DomainDNSName>

Using VBScript

' This code displays the domain controllers for the specified domain.
' ------ SCRIPT CONFIGURATION ------
strDomain = "<DomainDNSName>"  ' e.g. emea.rallencorp.com
' ------ END CONFIGURATION ---------

set objRootDSE = GetObject("LDAP://" & strDomain & "/RootDSE")
set objDomain = GetObject("LDAP://" & objRootDSE.Get("defaultNamingContext"))
strMasteredBy = objDomain.GetEx("masteredBy")
for each strNTDSDN in strMasteredBy
   set objNTDS = GetObject("LDAP://" & strNTDSDN)
   set objServer = GetObject(objNTDS.Parent)
   Wscript.echo objServer.Get("dNSHostName")
next

Discussion

There are several ways to get a list of domain controllers for a domain. The GUI solution simply looks at the computer objects in the Domain Controllers OU. Whenever you promote a domain controller into a domain, a computer object for the server gets placed into the Domain Controllers OU off the root of the domain. Some administrators may move their domain controller computer objects to different OUs, so this test does not guarantee accuracy in all cases.

The CLI and VBScript solutions take a slightly ...

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.