Recipe 3.10 Finding a Domain Controller's Site

3.10.1 Problem

You need to determine the site of which a domain controller is a member.

3.10.2 Solution

3.10.2.1 Using a graphical user interface

3.10.2.2 Using a command-line interface

> nltest /dsgetsite /server:<DomainControllerName> 

3.10.2.3 Using VBScript

' This code prints the site the specified domain controller is in
' ------ SCRIPT CONFIGURATION ------
strDC = "<DomainControllerName>"  ' e.g. dc1.rallencorp.com
' ------ END CONFIGURATION ---------

set objRootDSE = GetObject("LDAP://" & strDC & "/RootDSE")
set objNTDS = GetObject("LDAP://" & objRootDSE.Get("dsServiceName"))
set objSite = GetObject(GetObject(GetObject(objNTDS.Parent).Parent).Parent)
WScript.Echo objSite.Get("cn")

3.10.3 Discussion

Domain controllers are represented in the site topology by a server object and a child nTDSDSA object. Actually, any type of server can conceivably have a server object; it is the nTDSDSA object that differentiates domain controllers from other types of servers. You'll often see the nTDSDSA object of a domain controller used to refer to that domain controller elsewhere in Active Directory. For example, the fSMORoleOwner attribute that represents the FSMO owners contains the distinguished name of the nTDSDSA object of the domain controller that is holding the role.

3.10.3.1 Using a command-line interface

The nltest /dsgetsite command is a wrapper around the DsGetSiteName method.

3.10.3.2 Using VBScript

Since we cannot use the DsGetSiteName method directly in VBScript, we need to take a more indirect approach. By querying the RootDSE of the target server, we can retrieve the dsServiceName attribute. That attribute contains the DN of the nTDSDSA object for the domain controller; for example, cn=NTDSSettings,cn=dc1,cn=MySite,cn=Sites,cn=Configuration,dc=rallencorp,dc=com. Then, by calling the Parent method three consecutive times, we can retrieve the object for cn=MySite,cn=Sites,cn=Configuration,dc=rallencorp,dc=com.

3.10.4 See Also

MSDN: DsGetSiteName