Re: Listing Domain Controllers when not a member of said domain.
- From: Jerold Schulman <Jerry@xxxxxxxxxx>
- Date: Tue, 25 Jul 2006 09:30:08 -0400
On 24 Jul 2006 08:07:18 -0700, "Mandoskippy" <mandolinplayer@xxxxxxxxx> wrote:
I posted another topic similar to this here
http://groups.google.com/group/microsoft.public.windows.server.scripting/browse_thread/thread/a0caf90d90ab9f68?hl=en
In that topic I am trying to trouble shoot a specific problem based on
Hey Scripting Guy articles. There has not been much response there, so
I am reposting this slightly different.
I need to list all the domain controllers in a domain.
http://www.microsoft.com/technet/scriptcenter/resources/qanda/dec04/hey1216.mspx
and do it with a non-domain computer and alternate credentials
http://www.microsoft.com/technet/scriptcenter/resources/qanda/dec05/hey1209.mspx
Trouble is, I don't know what is going wrong when I try the second
method listed in the article for listing domain controllers.
That being said, is there any other ways to get a list domain
controllers from a domain? And doing so from a workstation that is not
a member and cannot be a member? (there is a valid account that the
owner of the workstation will have)
Thanks!
NETDOM from the support tools.
NETDOM QUERY /Domain:YourDomain.COM /Server:NetBIOS_DC_NAME /UserD:DomainAccount /PasswordD:password DC
Example:
NETDOM QUERY /Domain:JSIINC.COM /Server:JSI001 /UserD:Jennifer /PasswordD:JenniferPassword DC
NETDOM QUERY /Domain:domain [/Server:server]
[/UserD:user] [/PasswordD:[password | *]]
[/Verify] [/RESEt] [/Direct]
WORKSTATION | SERVER | DC | OU | PDC | FSMO | TRUST
NETDOM QUERY Queries the domain for information
/Domain Specifies the domain on which to query for the information
/UserD User account used to make the connection with the domain
specified by the /Domain argument
/PasswordD Password of the user account specified by /UserD. A * means
to prompt for the password
/Server Name of a specific domain controller that should be used to
perform the query.
/Verify For computers, verifies that the secure channel between the
computer and the domain controller is operating properly.
For trusts, verifies that the the trust between domains is
operating properly. Only outbound trust will be verified. The
user must have domain administrator credentials to get
correct verification results.
/RESEt Resets the secure channel between the computer and the domain
controller; valid only for computer enumeration
/Direct Applies only for a TRUST query, lists only the direct trust
links and omits the domains indirectly trusted through
transitive links. Do not use with /Verify.
WORKSTATION Query the domain for the list of workstations
SERVER Query the domain for the list of servers
DC Query the domain for the list of Domain Controllers
OU Query the domain for the list of Organizational Units under
which the specified user can create a machine object
PDC Query the domain for the current Primary Domain Controller
FSMO Query the domain for the current list of FSMO owners
TRUST Query the domain for the list of its trusts
The trust verify command checks only direct, outbound, Windows trusts. To
verify an inbound trust, use the NETDOM TRUST command which allows you to
specify credentials for the trusting domain.
NETDOM HELP command | MORE displays Help one screen at a time.
The command completed successfully.
Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
http://www.jsifaq.com
.
- References:
- Listing Domain Controllers when not a member of said domain.
- From: Mandoskippy
- Listing Domain Controllers when not a member of said domain.
- Prev by Date: RE: Schedule script not running
- Next by Date: VBS equivalent to VB "Stop" and "step through"?
- Previous by thread: Listing Domain Controllers when not a member of said domain.
- Next by thread: Re: scripting question
- Index(es):
Relevant Pages
|
