Recipe 3.19 Finding the Global Catalog Servers in a Forest

3.19.1 Problem

You want a list of the global catalog servers in a forest.

3.19.2 Solution

3.19.2.1 Using a graphical user interface

3.19.2.2 Using a command-line interface

> dsquery server -forest -isgc

3.19.2.3 Using VBScript

' This code prints the global catalog servers for the specified forest.
' ------ SCRIPT CONFIGURATION ------
strForestName = "<ForestDNSName>"  ' e.g. rallencorp.com
' ------ END CONFIGURATION ---------

set objRootDSE = GetObject("LDAP://" & strForestName & "/" & "RootDSE")
strADsPath = "<LDAP://" & objRootDSE.Get("configurationNamingContext") & ">;"
strFilter  = "(&(objectcategory=ntdsdsa)(options=1));"
strAttrs   = "distinguishedname;"
strScope   = "SubTree"

set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
set objRS = objConn.Execute(strADsPath & strFilter & strAttrs & strScope)
objRS.MoveFirst
while not objRS.EOF
    set objNTDS = GetObject("LDAP://" & objRS.Fields(0).Value)
    set objServer = GetObject( objNTDS.Parent )
    Wscript.Echo objServer.Get("dNSHostName")
    objRS.MoveNext
wend

3.19.3 Discussion

To find the global catalog servers in a forest, you need to query for NTDS Settings objects that have the low-order bit of the options attribute equal to 1 under the sites container in the Configuration Naming Context. That attribute determines if a domain controller should be a global catalog server, but it does not necessarily mean it is a global catalog server yet. See Recipe 3.18 for more information on how to tell if a server marked as a global catalog is ready to accept requests as one.

Another option for locating global catalogs is DNS, which is described in Recipe 3.21.

3.19.4 See Also

Recipe 3.18 for determining if global catalog promotion is complete