You are working/discovering at a client site and you want to determine the domain controllers.
There are many many sources and methods to skin this cat. Here is a digest of a few of the best methods.
nslookup from command line
nslookup
set type=all
_ldap._tcp.dc._msdcs.DOMAIN_NAME
*probably the most standard, all you need is any Windows machine
from command line
set l (Lowercase "L")
*will only show the domain controller that authenticated you - does not show all domain controllers
From command line
gpresult /r
*will only show the domain controller that provided group policy to you at logon - does not show all domain controllers
From PowerShell
Import-Module ActiveDirectory
Get-ADDomainController | select name
*assumes you have RSAT and powershell installed
*only shows a domain controller not all domain controllers
My personal favorite
From command line
nstest /dclist:domain
*shows all domain controllers and their AD site
Showing posts with label domain controller. Show all posts
Showing posts with label domain controller. Show all posts
Thursday, October 8, 2015
Monday, July 20, 2015
Domain Controller, New Domain, Server 2012 r2 Core, Part 1.
I am setting up a test lab for "Skype for Business 2015". To proceed with testing I wanted a new lab consisting of:
2x Domain Controller (w/ DNS) - Windows 2012 R2 Core
1x SQL server 2012 on Windows 2012 (not r2, W/ GUI)
1x Skype for Business 2015 (Lync) server on Windows 2012
1x RDS server (as client) on server 2008R2
As a guide to configuring the Domain Controllers, below are the commands and Powershell commands that I use.
*THIS IS ONLY FOR A LAB ENVIRONMENT! I would not recommend this for a production environment*
Let me preface this by saying that all of these commands are not mandatory and this is not a secure installation. I like to disable IP v6 and all related components in my lab environment and disable the firewall.
Part 1. First domain controller, assuming a completely vanilla installation
Step 1.
Use SCONFIG to configure:
IP address, Subnet mask
defaut gateway address
DNS address
turn on (enable) remote desktop
computer name (reboot after)
step 2. disable ip6 components
From command line:
*test computer name and IP address:
hostname
ipconfig /all
netsh int ipv6 isatap set state disabled
netsh int ipv6 6to4 set state disabled
netsh int teredo set state disable
step 3. disable IP Helper service
From Powershell:
# PowerShell cmdlet to list services that are running
Get-Service * | Where-Object {$_.Status -eq "Stopped"}
#disable "IP Helper" service
set-service iphlpsvc -startuptype disabled
stop-service iphlpsvc
step 4A. disable IPv6 on adapter. on a fresh install the only adapter is called "Ethernet"
Get-NetAdapterBinding -InterfaceAlias Ethernet | Select-Object Name,DisplayName,ComponentID
Disable-NetAdapterBinding -InterfaceAlias Ethernet -ComponentID ms_tcpip6
step 4B. disable firewall
Get-NetFirewallProfile | Set-NetFirewallProfile -enabled false
step 5. install AD services (does not make a domain controller)
Install-WindowsFeature -Name AD-Domain-Services
step 6 (basic commands, accepts defaults during AD install
$Password = ConvertTo-SecureString -AsPlainText -String MyRetoreModePassword -Force
Install-ADDSForest -DomainName lab.local -SafeModeAdministratorPassword $Password -InstallDns
(additional command to append to previous command, if required/desired to change)
-DomainNetbiosName lab -DomainMode Win2012R2 -ForestMode Win2012R2 -DatabasePath "%SYSTEMROOT%\NTDS" `
-LogPath "%SYSTEMROOT%\NTDS" -SysvolPath "%SYSTEMROOT%\SYSVOL" -NoRebootOnCompletion -Force
#Step 5
Restart-Computer -Force
This should complete your first DC installation. See part 2 for installation of the second domain controller.
2x Domain Controller (w/ DNS) - Windows 2012 R2 Core
1x SQL server 2012 on Windows 2012 (not r2, W/ GUI)
1x Skype for Business 2015 (Lync) server on Windows 2012
1x RDS server (as client) on server 2008R2
As a guide to configuring the Domain Controllers, below are the commands and Powershell commands that I use.
*THIS IS ONLY FOR A LAB ENVIRONMENT! I would not recommend this for a production environment*
Let me preface this by saying that all of these commands are not mandatory and this is not a secure installation. I like to disable IP v6 and all related components in my lab environment and disable the firewall.
Part 1. First domain controller, assuming a completely vanilla installation
Step 1.
Use SCONFIG to configure:
IP address, Subnet mask
defaut gateway address
DNS address
turn on (enable) remote desktop
computer name (reboot after)
step 2. disable ip6 components
From command line:
*test computer name and IP address:
hostname
ipconfig /all
netsh int ipv6 isatap set state disabled
netsh int ipv6 6to4 set state disabled
netsh int teredo set state disable
step 3. disable IP Helper service
From Powershell:
# PowerShell cmdlet to list services that are running
Get-Service * | Where-Object {$_.Status -eq "Stopped"}
#disable "IP Helper" service
set-service iphlpsvc -startuptype disabled
stop-service iphlpsvc
step 4A. disable IPv6 on adapter. on a fresh install the only adapter is called "Ethernet"
Get-NetAdapterBinding -InterfaceAlias Ethernet | Select-Object Name,DisplayName,ComponentID
Disable-NetAdapterBinding -InterfaceAlias Ethernet -ComponentID ms_tcpip6
step 4B. disable firewall
Get-NetFirewallProfile | Set-NetFirewallProfile -enabled false
step 5. install AD services (does not make a domain controller)
Install-WindowsFeature -Name AD-Domain-Services
step 6 (basic commands, accepts defaults during AD install
$Password = ConvertTo-SecureString -AsPlainText -String MyRetoreModePassword -Force
Install-ADDSForest -DomainName lab.local -SafeModeAdministratorPassword $Password -InstallDns
(additional command to append to previous command, if required/desired to change)
-DomainNetbiosName lab -DomainMode Win2012R2 -ForestMode Win2012R2 -DatabasePath "%SYSTEMROOT%\NTDS" `
-LogPath "%SYSTEMROOT%\NTDS" -SysvolPath "%SYSTEMROOT%\SYSVOL" -NoRebootOnCompletion -Force
#Step 5
Restart-Computer -Force
This should complete your first DC installation. See part 2 for installation of the second domain controller.
Subscribe to:
Posts (Atom)