views:

316

answers:

3

I know I could just ask, but that would involve bureaucratic entanglements.

A: 

I believe that on an AD network that is DNS enabled the root zone points at all the AD servers. So, for instance, if your official AD username is [email protected], doing an nslookup of company.ad from cmd.exe will tell you all the IPs of the controllers (and hence all the IPs you could use for LDAP).

This is edited to change the zone name, but one my work system:

C:\Documents and Settings\jj33>nslookup companyname.ad
Server:  palpatine.companyname.ad
Address:  172.19.1.3

Name:  companyname.ad
Addresses:  172.16.3.2, 172.16.6.2, 172.19.1.3, 172.16.7.9
          172.19.1.14, 172.19.1.11
C:\Documents and Settings\jj33>

On my (XP) machine, this shows me my AD domain:

  • Right click "My Computer"
  • Select "Computer Name" tab
  • See "Domain:" field
jj33
I don't know my "official AD username". I don't know the "companyname.ad" part. How would I find that out from my machine?
Corey Trager
+2  A: 

Try ping or nslookup _ldap._tcp. with your AD Domain (e.g. _ldap._tcp.test.com) in a console (cmd.exe) - this should give you the AD Server IP.

_ldap._tcp.*

Is a general SRV entry made by your active directory server for locating LDAP (AD) servers in your domain. Your domain itself should match your Windows Login Domain. If this isn't the case right-click on your "My Computer" Icon on your Desktop or in your Explorer and click Properties. In the System Properties there is a Tab showing your Computer Name and its Network ID, which also contains its DOMAIN/WORKGROUP name. This is what you should append to the resource locator above.

Btw. how did you get access to that machine without your Domain Login? :)

Edit: The FOOAD name would be the "old" Domain name, and foo.something.something the new DNS based name - this should give you the server address. Also try the suggestion by Almond, which is more specific regarding the requested service.

VolkA
But, how would I know my AD Domain, my version of the "_ldap._tcp.test.com" part?
Corey Trager
Thanks for the clear instructions. I type nslookup _ldap._tcp.MYDOMAIN and nslookup echoes back to me the _ldap._tcp.MYDOMAIN, but no IP...Somehow, my domain is called something else in the user login dialog. In the dialog, it's FOOAD, but in properties, it foo.something.something
Corey Trager
While logged in to your machine, you could try running MMC.exe, then from the File Menu, Add Snapin, then add the AD Users and Computers. You might have enough rights to look at your self. On the accounts tab is your UserPrinicpal Name. The bit after the @ is probably the domain name. Probably.
geoffc
A: 

Open command prompt if you can, type ipconfig /all look at the entry for primary dns suffix. This mostly likely the domain that your workstation is on. Another potenial way is to log out and look at the domain listed below username/password in the login window.

Once you have your domain name open command prompt again and type the following:

nslookup _LDAP._TCP.dc._msdcs.mydomain

this will give you a ip address for the domain controller.

Almond