3.10. Finding a Domain Controller’s Site

Problem

You need to determine the site of which a domain controller is a member.

Solution

Using a graphical user interface

  1. Open LDP and from the menu, select Connection Connect.

  2. For Server, enter the name of a domain controller (or leave blank to do a serverless bind).

  3. For Port, enter 389.

  4. Click OK.

  5. From the menu select Connection Bind.

  6. Enter credentials of a domain user.

  7. Click OK.

  8. From the menu, select Browse Search.

  9. For BaseDN, type the distinguished name of the Sites container (e.g., cn=sites,cn=configuration,dc=rallencorp, dc=com).

  10. For Scope, select Subtree.

  11. For Filter, enter:

    (&(objectcategory=server)(dnsHostName=<DomainControllerName>))

  12. Click Run.

Using a command-line interface

> nltest /dsgetsite /server:<DomainControllerName>

Using VBScript

' This code prints the site the specified domain controller is in
' ------ SCRIPT CONFIGURATION ------
strDC = "<DomainControllerName>"  ' e.g. dc1.rallencorp.com
' ------ END CONFIGURATION ---------

set objRootDSE = GetObject("LDAP://" & strDC & "/RootDSE")
set objNTDS = GetObject("LDAP://" & objRootDSE.Get("dsServiceName"))
set objSite = GetObject(GetObject(GetObject(objNTDS.Parent).Parent).Parent)
WScript.Echo objSite.Get("cn")

Discussion

Domain controllers are represented in the site topology by a server object and a child nTDSDSA object. Actually, any type of server can conceivably have a server object; it is the nTDSDSA object that differentiates domain controllers from other types of servers. You’ll often ...

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial