Enumerate Nested domains

Post by Jay Moone » Sun, 23 Feb 2003 01:29:41



Hello all,

Is there a set of LDAP queries that will allow me to
generate a list of the domains nested in a forest?  I can
see the top level domain, but I don't see anything
indicating the existence of any sub domains.

Thank you.

Jay

 
 
 


Post by Richard Muelle » Sun, 23 Feb 2003 03:08:42



>Hello all,

>Is there a set of LDAP queries that will allow me to
>generate a list of the domains nested in a forest?  I can
>see the top level domain, but I don't see anything
>indicating the existence of any sub domains.

>Thank you.

>Jay
>.

Hi,

The RootDSE object allows you to determine the root of the
forest. You could simply enumerate domains off the root.
To handle nested domains, you would need a recursive
subroutine:

' Bind to RootDSE to find the naming context of the forest root domain
Set objRootDSE = GetObject("LDAP://RootDSE")
strForest = objRootDSE.Get("rootDomainNamingContext")
Set objForest = GetObject("LDAP://" & strForest)
Call EnumDomain(objForest)

' Echo this domain, then recurse into any child objects of class "domain"
Sub EnumDomain(objParent)
  Wscript.Echo "Domain: " & objParent.Name
  objParent.Filter = Array("domain")
  For Each objChild In objParent
    Call EnumDomain(objChild)
  Next
End Sub

Richard

 
 
 


Post by Joe Richards [MVP » Sun, 23 Feb 2003 04:10:05


The following query parameters will give you a list of all Domains in a
Forest:

Port: 3268
Base: ""
Scope: Subtree
Filter: objectcategory=domaindns

If using adfind from www.joeware.net the query would look like:

adfind -gc -b -f objectcategory=domaindns -dn

Ex:
[Fri 02/21/2003 13:31:54.96]
C:\TEMP>adfind -gc -b -f objectcategory=domaindns -dn


Using server: w2kasdc1.joehome.com

dn:DC=joehome,DC=com
dn:DC=newtree,DC=test

2 Objects returned

[Fri 02/21/2003 13:32:14.43]
C:\TEMP>

--
Joe Richards
www.joeware.net
---


> Hello all,

> Is there a set of LDAP queries that will allow me to
> generate a list of the domains nested in a forest?  I can
> see the top level domain, but I don't see anything
> indicating the existence of any sub domains.

> Thank you.

> Jay
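
Added example, not part of any post in this thread: the Global Catalog query above returns a flat list of domain DNs, and this Python code nests them into trees by DNS name suffix. The function names are hypothetical, and the sample list is constructed (only the first two DNs appear in the adfind output above).

```python
# Added example: nest the flat DN list returned by a GC search for
# objectcategory=domaindns. SAMPLE_DNS is constructed for illustration;
# only the first two DNs appear in the thread.
SAMPLE_DNS = [
    "DC=joehome,DC=com",
    "DC=newtree,DC=test",
    "DC=child,DC=joehome,DC=com",         # constructed
    "DC=lab,DC=child,DC=joehome,DC=com",  # constructed
]

def dn_to_labels(dn):
    """Split a domain DN into lower-cased DNS labels, e.g. ['joehome', 'com']."""
    labels = []
    for rdn in dn.split(","):
        attr, _, value = rdn.strip().partition("=")
        if attr.upper() != "DC" or not value:
            raise ValueError("not a domain naming context: %r" % dn)
        labels.append(value.lower())
    return labels

def build_forest(dns):
    """Return {dns_name: parent_dns_name or None} for every domain DN."""
    domains = {".".join(dn_to_labels(dn)): dn_to_labels(dn) for dn in dns}
    parents = {}
    for name, labels in domains.items():
        parent = None
        # Strip one leading label at a time; the first suffix that is itself
        # an enumerated domain is the closest ancestor. None means tree root.
        for i in range(1, len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in domains:
                parent = candidate
                break
        parents[name] = parent
    return parents

def render(parents, root=None, depth=0):
    """Return indented lines: tree roots first, children under their parent."""
    lines = []
    for name in sorted(n for n, p in parents.items() if p == root):
        lines.append("  " * depth + name)
        lines.extend(render(parents, name, depth + 1))
    return lines

if __name__ == "__main__":
    print("\n".join(render(build_forest(SAMPLE_DNS))))
```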

 
 
 


Post by Jay Moone » Sun, 23 Feb 2003 05:24:53


So I did what you suggested, I see all of my OUs and
containers for my primary domain, but the sub domain
still doesn't show up.  

Is this a sign that the network configuration is
incorrect?  Is there some way to tie the sub domain back
to the primary domain?  

Thanks again.

Jay

>-----Original Message-----

>>Hello all,

>>Is there a set of LDAP queries that will allow me to
>>generate a list of the domains nested in a forest?  I can
>>see the top level domain, but I don't see anything
>>indicating the existence of any sub domains.

>>Thank you.

>>Jay
>>.
>Hi,

>The RootDSE object allows you to determine the root of the
>forest. You could simply enumerate domains off the root.
>To handle nested domains, you would need a recursive
>subroutine:

>Set objRootDSE = GetObject("LDAP://RootDSE")
>strForest = objRootDSE.Get("rootDomainNamingContext")
>Set objForest = GetObject("LDAP://" & strForest)
>Call EnumDomain(objForest)

>Sub EnumDomain(objParent)
>  Wscript.Echo "Domain: " & objParent.Name
>  objParent.Filter = Array("domain")
>  For Each objChild In objParent
>    Call EnumDomain(objChild)
>  Next
>End Sub

>Richard
>.

 
 
 


Post by <Add> » Tue, 25 Feb 2003 09:08:39


1.) Make a reference to AD type library

2.) Try putting this in module part:

****************************************************************************
Public Const ID_OK As Long = 1&
Public Const MAX_PATH As Long = 260&

Public Enum DSBI_ENUM
    DSBI_NOBUTTONS = &H1&
    DSBI_NOLINES = &H2&
    DSBI_NOLINESATROOT = &H4&
    DSBI_CHECKBOXES = &H100&
    DSBI_NOROOT = &H10000
    DSBI_INCLUDEHIDDEN = &H20000
    DSBI_EXPANDONOPEN = &H40000
    DSBI_ENTIREDIRECTORY = &H90000
    DSBI_RETURN_FORMAT = &H100000
    DSBI_HASCREDENTIALS = &H200000
    DSBI_IGNORETREATASLEAF = &H400000
    DSBI_SIMPLEAUTHENTICATE = &H800000
    DSBI_RETURNOBJECTCLASS = &H1000000
End Enum

Public Type DSBROWSEINFO
    cbStruct As Long
    hwndOwner As Long
    pszCaption As Long
    pszTitle As Long
    pszRoot As Long
    pszPath As Long
    cchPath As Long
    dwFlags As DSBI_ENUM
    pfnCallback As Long
    lParam As Long
    dwReturnFormat As ADS_FORMAT_ENUM
    pUserName As Long
    pPassword As Long
    pszObjectClass As Long
    cchObjectClass As Long
End Type

Public Declare Function DsBrowseForContainer Lib "dsuiext" _
    Alias "DsBrowseForContainerW" (pInfo As DSBROWSEINFO) As Long

Public Function BFFCallBack(ByVal hwnd As Long, ByVal uMsg As Long, _
    ByVal lParam As Long, ByVal lpData As Long) As Long

    BFFCallBack = 0

End Function

3.) Create a form (in VB or MS Access) with one button (cmdBrowseADContainer)
and one textbox (txtPath) and you have a browser.

4.) Put this in your form:

****************************************************************************
Sub InitializeDsBrowseInfo(udtDsBrowseInfo As DSBROWSEINFO, _
    ByVal pfnCallback As Long)

    udtDsBrowseInfo.pfnCallback = pfnCallback

End Sub

Sub cmdBrowseADContainer_click()

    Dim lngResult As Long
    Dim strPath As String
    Dim udtDsBrowseInfo As DSBROWSEINFO

    strPath = Space(MAX_PATH * 2)

    InitializeDsBrowseInfo udtDsBrowseInfo, AddressOf BFFCallBack

    With udtDsBrowseInfo
        .cbStruct = Len(udtDsBrowseInfo)
        .hwndOwner = 0
        .pszCaption = StrPtr("Browse for an Active Directory Container")
        .pszTitle = StrPtr("Select an Active Directory container.")
        .pszRoot = 0
        .pszPath = StrPtr(strPath)
        .cchPath = MAX_PATH
        'DSBI_INCLUDEHIDDEN Or
        .dwFlags = DSBI_IGNORETREATASLEAF Or DSBI_ENTIREDIRECTORY
        .lParam = 0
        .dwReturnFormat = ADS_FORMAT_X500
    End With

    lngResult = DsBrowseForContainer(udtDsBrowseInfo)

    If lngResult = ID_OK Then

        'Debug.Print strPath

        Me.txtPath.SetFocus
        Me.txtPath = RTrim$(LTrim$(strPath))

    End If

End Sub



> The following query parameters will give you a list of all Domains in a
> Forest

> Port: 3268
> Base: ""
> Scope: Subtree
> Filter: objectcategory=domaindns

> If using adfind from www.joeware.net the query would look like:

> adfind -gc -b -f objectcategory=domaindns -dn

> Ex:
> [Fri 02/21/2003 13:31:54.96]
> C:\TEMP>adfind -gc -b -f objectcategory=domaindns -dn


> Using server: w2kasdc1.joehome.com

> dn:DC=joehome,DC=com
> dn:DC=newtree,DC=test

> 2 Objects returned

> [Fri 02/21/2003 13:32:14.43]
> C:\TEMP>

> --
> Joe Richards
> www.joeware.net
> ---



> > Hello all,

> > Is there a set of LDAP queries that will allow me to
> > generate a list of the domains nested in a forest?  I can
> > see the top level domain, but I don't see anything
> > indicating the existence of any sub domains.

> > Thank you.

> > Jay