Recipe 3.9 Finding the Closest Domain Controller
3.9.1 Problem
You want to find the closest domain controller for a particular
domain.
3.9.2 Solution
3.9.2.1 Using a command-line interface
The following command finds the closest domain controller in the
specified domain (<DomainDNSName>).
By default, it will return the closest DC for the computer
nltest is being run from, but you can optionally
use the /server option to target a remote host.
You can also optionally specify the /site option
to find a domain controller that belongs to a particular site.
> nltest /dsgetdc:<DomainDNSName> [/site:<SiteName>] [/server:<ClientName>]
3.9.2.2 Using VBScript
' This code finds the closest domain controller in the domain
' that the computer running the script is in.
' ------ SCRIPT CONFIGURATION ------
strDomain = "<DomainDNSName>" ' e.g. emea.rallencorp.com
' ------ END CONFIGURATION ---------
set objIadsTools = CreateObject("IADsTools.DCFunctions")
objIadsTools.DsGetDcName( Cstr(strDomain) )
Wscript.Echo "DC: " & objIadsTools.DCName
Wscript.Echo "DC Site: " & objIadsTools.DCSiteName
Wscript.Echo "Client Site: " & objIadsTools.ClientSiteName
3.9.3 Discussion
The DC locator process as described in MS KB 314861 and MS KB 247811
defines how clients find the closest domain controller. The process
uses the site topology stored in Active Directory to calculate the
site a particular client is in. After the client site has been
identified, then it is a matter of finding a domain controller that
is either a member of that same site or that is covering for that
site.
The Microsoft DsGetDcName Directory Services API
method implements the DC Locator process, but unfortunately cannot be
used directly from a scripting language, such as VBScript. The
IADsTools interface provides a wrapper around
DsGetDcName, which is what I used. The
nltest /dsgetdc command is also a wrapper around
the DsGetDcName method, and is a handy tool when
troubleshooting client issues related to finding an optimal domain
controller.
3.9.3.1 Using a command-line interface
You can use nltest to return the closest domain
controller that is serving a particular function. Some of the
available functions include a global catalog server
(/GC switch), time server
(/TIMESERV switch), KDC (/KDC
switch), and PDC (/PDC switch). Run
nltest /? from a command line for the complete
list.
3.9.3.2 Using VBScript
Similar to nltest, you can specify additional
criteria for finding a domain controller by calling the
SetDsGetDcNameFlags method before calling
DsGetDcName.
SetDsGetDcNameFlags accepts a comma-delimited
string of the following flags:
- DS_FORCE_REDISCOVERY
- DS_DIRECTORY_SERVICE_REQUIRED
- DS_DIRECTORY_SERVICE_PREFERRED
- DS_GC_SERVER_REQUIRED
- DS_PDC_REQUIRED
- DS_IP_REQUIRED
- DS_KDC_REQUIRED
- DS_TIMESERV_REQUIRED
- DS_WRITABLE_REQUIRED
- DS_GOOD_TIMESERV_PREFERRED
- DS_AVOID_SELF
- DS_IS_FLAT_NAME
- DS_IS_DNS_NAME
- DS_RETURN_DNS_NAME
- DS_RETURN_FLAT_NAME
3.9.4 See Also
For more information on the IADsTools interface
see IadsTools.doc in the Support
Tools, MS KB 247811 (How Domain Controllers Are Located in Windows),
MS KB 314861 (How Domain Controllers Are Located in Windows XP),
MSDN: DsGetDcName, and MSDN: MicrosoftDNS
|