3.10. Finding a Domain Controller’s Site
Problem
You need to determine the site of which a domain controller is a member.
Solution
Using a graphical user interface
Open LDP and from the menu, select Connection → Connect.
For Server, enter the name of a domain controller (or leave blank to do a serverless bind).
For Port, enter 389.
Click OK.
From the menu select Connection → Bind.
Enter credentials of a domain user.
Click OK.
From the menu, select Browse → Search.
For BaseDN, type the distinguished name of the
Sites
container (e.g., cn=sites,cn=configuration,dc=rallencorp, dc=com).For Scope, select Subtree.
For Filter, enter:
(&(objectcategory=server)(dnsHostName=
<DomainControllerName>
))Click Run.
Using a command-line interface
> nltest /dsgetsite /server:<DomainControllerName>
Using VBScript
' This code prints the site the specified domain controller is in
' ------ SCRIPT CONFIGURATION ------
strDC = "<DomainControllerName>
" ' e.g. dc1.rallencorp.com
' ------ END CONFIGURATION ---------
set objRootDSE = GetObject("LDAP://" & strDC & "/RootDSE")
set objNTDS = GetObject("LDAP://" & objRootDSE.Get("dsServiceName"))
set objSite = GetObject(GetObject(GetObject(objNTDS.Parent).Parent).Parent)
WScript.Echo objSite.Get("cn")
Discussion
Domain controllers are represented in the site topology by a
server
object and a child
nTDSDSA
object. Actually, any type of server can
conceivably have a server
object; it is the
nTDSDSA
object that differentiates domain controllers from other types of servers. You’ll often ...
Get Active Directory Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.