Finding the Domains in a Forest

Finding the Domains in a Forest


You want a list of all domains in an Active Directory forest.


Using a graphical user interface

Open the Active Directory Domains and Trusts snap-in (domain.msc). The list of the domains in the default forest can be browsed in the left pane.

Using a command-line interface

You can retrieve this information using ntdsutil, adfind, or dsquery, as shown here:

	> ntdsutil "d m" "sel op tar" c "co t s <DomainControllerName>"
	q "l d" q q q

	> dsquery * -filter "objectcategory=domainDNS" -scope subtree

	> adfind root s subtree f "objectcategory=domainDNS" -dn

Using VBScript
	' This code gets the list of the domains contained in the
	' forest that the user running the script is logged into.

	strForestRoot = "<ForestRootDN>" ' i.e., dc=rallencorp, dc=com
	strADsPath = "<LDAP://cn=Partitions,cn=Configuration," & _
	    strForestRoot & ">;"
	strFilter = "(netbiosname=*);"
	strAttrs = "dnsRoot;"
	strScope = "SubTree"

	set objConn = CreateObject("ADODB.Connection") objConn.Provider = "ADsDSOObject"
	objConn.Open "Active Directory Provider"
	set objRS = objConn.Execute(strADsPath & strFilter & strAttrs & strScope)
	objRS.MoveFirst while Not objRS.EOF
	    For Each root in objRS.Fields("dnsRoot").Value


Using a graphical user interface

If you want to view the domains for an alternate forest than the one you are logged into, right-click on "Active Directory Domains and Trusts" in the left pane and select "Connect to Domain Controller." Enter the forest name you want to browse in the Domain field. In the left pane, expand the forest root domain to see any subdomains.

Using a command-line interface

In the ntdsutil example, shortcut parameters were used to reduce the amount of typing needed. If each parameter were typed out fully, the command line would look like:

	> ntdsutil "domain management" "select operation target" connections "connect 
	to server <DomainControllerName>" quit "List domains" quit quit quit

Using VBScript

In the VBScript solution, we use ADO to query the Partitions container for crossRef objects that refer to domain objects within the forest.

To find the list of domains for an alternate forest, include the name of the forest as part of the ADsPath used in the first line of code. The following would target the forest:

	set objRootDSE = GetObject("LDAP://" & "RootDSE")

See Also

Recipe 3.10 for finding the domain controllers for a domain

 Python   SQL   Java   php   Perl 
 game development   web development   internet   *nix   graphics   hardware 
 telecommunications   C++ 
 Flash   Active Directory   Windows