Recipe 2.6 Finding the Domains in a Forest
2.6.1 ProblemYou want a list of the domains in a forest. 2.6.2 Solution2.6.2.1 Using a graphical user interfaceOpen the Active Directory Domains and Trusts snap-in. The list of the domains in the default forest can be browsed in the left pane. 2.6.2.2 Using a command-line interface> ntdsutil "d m" "sel op tar" c "co t s <DomainControllerName>" q "l d" q q q[RETURN] 2.6.2.3 Using VBScript' This code gets the list of the domains contained in the ' forest that the user running the script is logged into. set objRootDSE = GetObject("LDAP://RootDSE") strADsPath = "<GC://" & objRootDSE.Get("rootDomainNamingContext") & ">;" strFilter = "(objectcategory=domainDNS);" strAttrs = "name;" strScope = "SubTree" set objConn = CreateObject("ADODB.Connection") objConn.Provider = "ADsDSOObject" objConn.Open "Active Directory Provider" set objRS = objConn.Execute(strADsPath & strFilter & strAttrs & strScope) objRS.MoveFirst while Not objRS.EOF Wscript.Echo objRS.Fields(0).Value objRS.MoveNext wend 2.6.3 Discussion2.6.3.1 Using a graphical user interfaceIf you want to view the domains for an alternate forest than the one you are logged into, right-click on "Active Directory Domains and Trusts" in the left pane, and select "Connect to Domain Controller." Enter the forest name you want to browse in the Domain field. In the left pane, expand the forest root domain to see any subdomains. 2.6.3.2 Using a command-line interfaceIn the ntdsutil example, shortcut parameters were used to reduce the amount of typing needed. If each parameter were typed out fully, the command line would look like: > ntdsutil "domain management" "select operation target" connections "connect[RETURN] to server <DomainControllerName>" quit "List domains" quit quit quit 2.6.3.3 Using VBScriptIn the VBScript solution, an ADO query is used to search for domainDNS objects stored in the global catalog, using the root (forest) Domain NC as the search base. This query will find all domains in the forest. To find the list of domains for an alternate forest, include the name of the forest as part of the ADsPath used in the first line of code. The following would target the othercorp.com forest: set objRootDSE = GetObject("LDAP://othercorp.com/" & "RootDSE") 2.6.4 See AlsoRecipe 3.8 for finding the domain controllers for a domain |
EAN: 2147483647
Pages: 456