Discussion:
Find any AD Server/Domain Controller within local Network
Benjamin Kalytta
2008-04-04 05:51:09 UTC
Hello,

is there a way to find any AD Server/Domain Controller within local Network?

I set up a Domain Controller in Windows 2003 Server. I tried to find some
Network API to search for AD Servers, but I didn't find any or what I found
didn't work. I tried to use DsGetDcName, but without success. Result was always
empty.

There must be a way, any ideas?

Regards,
Benjamin Kalytta
Joe Kaplan
2008-04-04 13:34:41 UTC
If DsGetDCName doesn't work, there is likely something wrong with your DNS
integration with AD.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
Benjamin Kalytta
2008-04-05 23:21:09 UTC
Hi Joe,

I made a call like this:

DsGetDcName(0, 0, 0, 0, DS_GC_SERVER_REQUIRED, &pdci)

The returned error is ERROR_NO_SUCH_DOMAIN.

In Network Settings I changed the DNS/Nameserver to the address of the DNS
Server where DC is also running on. What could be the Problem here?

Regards,
Benjamin Kalytta
Joe Kaplan
2008-04-06 14:18:38 UTC
Are you logged in with an account from the domain where you are trying to
locate a DC? If not, then you have to be if you don't want to supply a
domain hint in your call. If you are logged in with a domain account, then
there is something wrong. Getting NLTEST and using it to diagnose would
probably be a good idea.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
Benjamin Kalytta
2008-04-07 04:56:38 UTC
Post by Joe Kaplan
Are you logged in with an account from the domain where you are trying to
locate a DC? If not, then you have to be if you don't want to supply a
domain hint in your call.
No, the client computer is even NOT joined to a Domain. Otherwise it wouldn't
make any sense to search for a DC in local network if the client would already
be joined.

Benjamin Kalytta
Joe Kaplan
2008-04-07 13:26:15 UTC
Actually, it makes a lot of sense to search for a DC if the computer is
joined. That is actually how a computer FINDS a DC to talk to in the first
place. It doesn't happen by magic, it happens by a call to this API.

As I said before, it only makes sense to call DsGetDCName with a null domain
hint parameter (DomainName) if the current security context is a domain
account, as that gives the API something to bootstrap a domain name from.
If the current account isn't a domain account, you must supply a domain name
here. When you ask for a GC, you have to specify the name of the forest
instead.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
Benjamin Kalytta
2008-04-07 20:37:08 UTC
Post by Joe Kaplan
If the current account isn't a domain account, you must supply a domain name
here.
Sorry to mither you again, but let me explain a scenario.

There is a large network with various Domain Controllers within. Just imagine
there is a new PC connected to the network, the user or PC doesn't know anything
about the network and just wants to know if there is any Domain Controller within
this network to connect with or do something with it. Also imagine that
DNS/Nameserver is set up already pointing to one of the DNS Servers within
network (which knows about DCs -> since there are DC-specific DNS Records)

So there must be a way to get any of the DC (Domain) without knowing a name or
something. So what I think DsGetDcName does is to do a kind of DNS Record
Query to get DC specific records which returns a list of various DCs. But
unfortunately it seems not to work.

The Query could look like:

Zones = DNSQueryGetZones(DNSServer, "_msdcs*")
foreach(Zone.Get("Domains") as Domain) {
... // Print all Domains
}

But I don't know if such queries are possible.

Regards,
Benjamin Kalytta
Joe Kaplan
2008-04-08 02:59:04 UTC
There may be a way to scrub through DNS looking for SRV records that would
indicate the presence of AD, but I'm not sure how to do that. DsGetDCName
can't bootstrap a DC without some sort of domain info to go by though.

If the environment you were in had more than 1 domain or there was more than
one forest (which is typical in large networks), how would you know whether
a DC you found was relevant to what you want to do?

I'd suggest asking this question again on the
microsoft.public.windows.server.active_directory group to see if anyone else
has any ideas on how you might be able to do this.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
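Added example, not part of the original thread or any poster's code: it illustrates the two points made in the replies above, that DsGetDcName needs a DomainName when the caller is not logged on with a domain account (and the forest name when a GC is requested), and that the locator works from DNS SRV records under _msdcs. The helper names dc_srv_name and locate_dc and the domain corp.example.test are hypothetical; the Windows-only part compiles only on Windows and must be linked with netapi32.

```c
#include <stdio.h>
#include <string.h>

/* Build the DNS SRV owner name the DC locator looks up.
 * role: "dc" (any DC of the domain), "gc" (global catalog; pass the forest
 * root DNS name), "pdc" (PDC emulator). Returns 0 on success, -1 on bad
 * input or if the name does not fit in out. */
int dc_srv_name(const char *role, const char *dns_name, char *out, size_t cap)
{
    if (!role || !dns_name || !out || dns_name[0] == '\0')
        return -1;                  /* no domain hint: nothing to bootstrap from */
    if (strcmp(role, "dc") && strcmp(role, "gc") && strcmp(role, "pdc"))
        return -1;                  /* unknown role */
    int n = snprintf(out, cap, "_ldap._tcp.%s._msdcs.%s", role, dns_name);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

#ifdef _WIN32
#include <windows.h>
#include <lm.h>
#include <dsgetdc.h>

/* Locate a DC from a machine that is not domain-joined by passing DomainName. */
DWORD locate_dc(const char *name, ULONG flags)
{
    PDOMAIN_CONTROLLER_INFOA info = NULL;
    DWORD rc = DsGetDcNameA(NULL, name, NULL, NULL, flags, &info);
    if (rc == ERROR_SUCCESS) {
        printf("DC %s (%s), domain %s, forest %s\n", info->DomainControllerName,
               info->DomainControllerAddress, info->DomainName, info->DnsForestName);
        NetApiBufferFree(info);     /* buffer is allocated by the API */
    }
    return rc;  /* ERROR_NO_SUCH_DOMAIN when no DC can be located for that name */
}
#endif

int main(void)
{
    char q[256];
    const char *domain = "corp.example.test";   /* constructed placeholder */
    if (dc_srv_name("dc", domain, q, sizeof q) == 0)
        printf("SRV record to check in DNS: %s\n", q);
#ifdef _WIN32
    locate_dc(domain, DS_DIRECTORY_SERVICE_REQUIRED | DS_RETURN_DNS_NAME);
    locate_dc(domain, DS_GC_SERVER_REQUIRED);   /* pass the forest root name here */
#endif
    return 0;
}
```

If the SRV name printed here does not resolve against the configured DNS server, DsGetDcName has nothing to find regardless of the flags passed.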