Re: Find AD hostname from Linux command line
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Sun, 13 Aug 2006 07:46:12 -0500
<google@xxxxxxxxxxxx> wrote in message
news:1155434563.752559.148400@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> I have control over neither the AD servers nor the DHCP servers that
> hand out the IP addresses. But here is a description of the _symptoms_
> and what I need to find out.

You seem to have several fundamental misconceptions
about DNS, AD, how and where registration occurs so
read this entire message.

> 1. The Windows XP workstation gets an IP (say, 192.168.10.11) from some
> non-Windows DHCP server. The IP is registered in the normal (i.e.,
> non-Windows) way as something like "dhcp-036.mydomain.com". (Note: The
> IP it gets is not really private.)

Does the DHCP server register this name or is it manually
(and thus permanently) registered?
Is "Mydomain.com" the same domain (name) as the AD?

> 2. The Windows workstation has the computer name (e.g., "lancelot")
> assigned manually when it is built. So, in our situation the hostname
> will _always_ be different than the computer name. That the two names
> are different is not the issue.

FIX THIS. The Windows name NEEDS to be (in the System Control
Panel) "lancelot.mydomain.com" (or the correct AD domain name.)
Windows machines cannot register themselves UNLESS they know
their domain/zone name.

> 3. This Windows workstation has a single NIC which has the option
> "Register this connection's addresses in DNS" turned ON. According to
> the help for this option this means that the workstation will try to do
> a dynamic registration of the IP address with the full computer name.

Yes, but note that you need a SUFFIX to pick the Zone/Domain in
which it is to be registered.
And don't depend on setting the suffix on the NIC (that is mostly for
dual homed machines) but rather SET THE NAME in the SYSTEM
CONTROL panel.

> As there is only one Active Directory on our college campus, I presume
> that this dynamic registration happens with one of the college's AD
> servers.

No, it must happen with your DNS servers for the ZONE of the
machine name set in the SYSTEM CONTROL Panel.
That the DC happens to be the DNS server is merely an accident
(from the client's perspective.)

> As the Windows XP's computer name is "lancelot" I am guessing
> that the reverse mapping "lancelot.ad.mydomain.com" to 192.168.10.11 is
> recorded somewhere in the guts of the Active Directory.

Not unless you set the COMPUTER name and DOMAIN in the
SYSTEM CONTROL PANEL to "lancelot.ad.domain.com" will
the FORWARD name be set.
As to the reverse that is an entirely separate registration which
must be in the REVERSE zone (there is no direct relationship
between forward and reverse zones to the DNS servers -- this
relationship is all in the minds of us administrators.)
You must have the forward zone set to ALLOW dynamic registration
and if you want the reverse records dynamically registered you
must also have it set to accept them SEPARATELY.
Each zone, forward OR reverse, is configured separately.

> 4. Thus, if I log onto a Windows machine that is part of the Active
> Directory and type "ping dhcp-036.mydomain.com" or "ping
> lancelot.ad.mydomain.com" in both cases I get responses from the same
> address, as expected.

Then forward registration is happening as expected and someone
has already set up (manually probably) the alternate name.

> 5. If I am on a Linux server and do "ping lancelot.ad.mydomain.com",
> not surprisingly I get a complaint that it cannot resolve the hostname.

Presuming you tried #4 from a different machine, this is NOT a
DNS registration problem but a RESOLUTION issue.
My bet (with the presumption being confirmed) is that the UNIX
box is using a "different set of DNS servers" OR (most likely) the
PARENT zone server (mydomain.com) has never bothered to
DELEGATE to the Windows DNS server for the ad.mydomain.com
zone.

> QUESTION: I want a script that will run on a Linux server and that when

Why would you expect Windows to have a script that would run on
a Linux server? (You'll have to write such a thing.)

> given an IP address will return the computer name of the Windows client
> that registered that IP dynamically with the Active Directory, if there
> is one.

No, not unless you can get the reverse record registered or you
write something custom.
First, computer names do NOT get registered with AD, but rather
with DNS. (That AD requires an 'associated' DNS server/zone
is important but note that it is the DNS which holds the name to
address mappings and these are optional for NON-DCs.)
Presuming you have no control of the reverse zone (which is
quite common), I can think of a way to do it but it won't be
pretty and must run with either admin privileges or from a
machine which can list the zone (usually disabled on all but
secondaries.)
You could use DNScmd on a DNS server to produce a list
and make it available to your Linux server which could run
a script to process it for the reverse record.

> (The IP address of the local AD domain controller would be
> built-in to the script.)

Not necessary or even relevant. (Irrelevant since the DC
doesn't have the DNS registration -- that's the DNS server) and
unnecessary since you can simply query the DNS server for
the list of NameServers.
Then you would need a way to "list the zone" (which is usually
disabled for security reasons), either by using the nslookup
list command or by reading a file from a known location --
e.g., the file share name MIGHT need to be encoded. (I would
suggest "NetLogon" share IF (and only if) your DCs are also
your DNS servers for AD. The Netlogon share exists on all
DCs and is set to everyone Read (even unauthenticated users
if you haven't secured your machines thoroughly.))

> In my running example, I would type something
> like "computername 192.168.10.11" and get back "lancelot". What tool
> that runs on Linux will enable me to direct a query of this nature
> against an Active Directory domain controller?

There isn't a single tool that could do that. You could write it in
Perl in just a few lines IF the security allows it.
Easier would likely be to have the main script run on the DNS
server and produce the list of names to IPs and make it available,
then a simple grep or perl script from Linux could find the
record you want.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
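
The approach suggested in the reply above (the DNS server produces a list of names and addresses, and a small script on the Linux side searches it), as an added example that is not part of the original post. The listing layout (owner name first, record type and address last, optional TTL and `[AGE:...]` fields in between, indented lines inheriting the previous owner) and the names `computername` and `sample_zone` are assumptions; the sample records are constructed.

```shell
#!/bin/sh
# Added example: map an IP address back to the host name found in a
# zone listing that the DNS server has exported and made available.

# Constructed sample listing (assumed zone-file-style layout).
sample_zone() {
cat <<'EOF'
; constructed sample for zone ad.mydomain.com
@                           3600  NS  dc1.ad.mydomain.com.
dc1                         3600  A   192.168.10.2
lancelot   [AGE:3600100]    1200  A   192.168.10.11
galahad    [AGE:3600200]    1200  A   192.168.10.110
                            1200  A   192.168.10.12
EOF
}

# computername IP LISTFILE [ZONE]
# Prints every owner name holding an A record for IP; exit status 1 if none.
computername() {
    ip=$1 file=$2 zone=${3:-}
    awk -v ip="$ip" -v zone="$zone" '
        { sub(/;.*/, "") }                # drop zone-file comments
        NF == 0 { next }                  # skip blank lines
        /^[^ \t]/ { owner = $1 }          # indented line keeps previous owner
        # Exact string match on the address: a plain grep would treat the
        # dots as wildcards and let 192.168.10.11 also hit 192.168.10.110.
        $(NF-1) == "A" && ($NF "") == (ip "") {
            name = owner
            if (name == "@" && zone != "") name = zone
            else if (name !~ /\.$/ && zone != "") name = name "." zone
            sub(/\.$/, "", name)          # strip trailing root dot
            print tolower(name)
            found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$file"
}

# Stand-alone demonstration on the constructed sample.
sample=$(mktemp)
sample_zone > "$sample"
computername 192.168.10.11 "$sample" ad.mydomain.com   # lancelot.ad.mydomain.com
rm -f "$sample"
```

More than one name in the output for a single address means the listing holds stale dynamic registrations for it.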