Wednesday, June 27, 2018

Find DN for AD Integrated Forest DNS record

With ADUC it is easy to find the distinguished name of an AD object. DNS records are a little more hidden. Here is an example:


dc=ServerName,DC=MyDomain.org,CN=MicrosoftDNS,DC=ForestDnsZones,DC=STLUKES-INT,DC=ORG

Note the weirdness in the first two sections:

dc=ServerName,dc=FullDomainName combine to make an FQDN, and yet the second section would normally be broken up into one component per label. Say you have a parent domain and a child domain. Normally a DN would look something like this:

cn=ServerName,dc=ChildDomain,dc=ParentDomain,dc=Org

but for this we have:

dc=ServerName,dc=ChildDomain.ParentDomain.Org

Weird!

Also, if you want to look at replication metadata, don't forget to include the name of a domain controller that belongs to the same domain as the machine you are running this command from:

repadmin /showobjmeta sl1dc1 dc=xxsql01,dc=sl2.stfreds-int.org,cn=MicrosoftDNS,DC=ForestDnsZones,DC=stfreds-int,dc=org
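
An added example, not part of the original post: one way to look the DN up instead of typing it by hand, then pass it to repadmin. The function name Get-DnsRecordDN is hypothetical, the values are the placeholders used above, and it assumes the ActiveDirectory (RSAT) module and a zone stored in the ForestDnsZones partition.

```powershell
# Added example. Get-DnsRecordDN is a hypothetical helper name; the record,
# zone, forest and DC names are the placeholder values from this post.
Import-Module ActiveDirectory

function Get-DnsRecordDN {
    param(
        [Parameter(Mandatory)] [string] $RecordName,    # host label, e.g. xxsql01
        [Parameter(Mandatory)] [string] $ZoneName,      # zone FQDN, e.g. sl2.stfreds-int.org
        [Parameter(Mandatory)] [string] $ForestRootDN,  # e.g. DC=stfreds-int,DC=org
        [Parameter(Mandatory)] [string] $Server         # DC that hosts the partition
    )

    # The zone is one dnsZone container whose RDN is the whole zone FQDN,
    # which is why it is not split into one DC= component per label.
    $zoneDN = "DC=$ZoneName,CN=MicrosoftDNS,DC=ForestDnsZones,$ForestRootDN"

    # Escape single quotes so the name cannot break out of the filter string.
    $safeName = $RecordName -replace "'", "''"

    # Each record name is a dnsNode object directly under the zone container.
    Get-ADObject -Server $Server -SearchBase $zoneDN -SearchScope OneLevel `
        -Filter "objectClass -eq 'dnsNode' -and Name -eq '$safeName'" `
        -Properties whenChanged, dNSTombstoned |
        Select-Object DistinguishedName, whenChanged, dNSTombstoned
}

$dc      = 'sl1dc1'
$records = Get-DnsRecordDN -RecordName 'xxsql01' `
                           -ZoneName 'sl2.stfreds-int.org' `
                           -ForestRootDN 'DC=stfreds-int,DC=org' `
                           -Server $dc

if (-not $records) {
    Write-Warning "No dnsNode found; the zone may live in DomainDnsZones instead."
}

foreach ($r in $records) {
    # Show the DN, then the per-attribute replication metadata
    # (originating DC, version and timestamp) for the record.
    $r | Format-List
    repadmin /showobjmeta $dc $r.DistinguishedName
}
```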


Cheers!
