Solved

System GUID for each DC

Posted on 2006-11-22
Last Modified: 2012-05-05
I wanted to see if anyone had a VBScript to do something like this...

1. List the GUID of each DC
2. List the 'expected' GUID from each directory replication partner DC

Right now, I have to use either ADSIedit or NTDSUTIL to harvest this info, looking for a GUID mismatch. This happens when someone performs a Force Remove of Active Directory from a DC, which leaves a lot of orphaned Directory data for the DC, then promotes a DC of exactly the same name back into AD.

If you have suggestions which fall outside the VBScript realm, I am open to suggestions.

Thank you and Happy Thanksgiving!
JohnD
0
Comment
Question by:johndarby
9 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18007011

Hi JohnD,

Just a single domain here?

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18007067

Oh and just so I understand correctly. You're looking for the entries in AD Sites and Services where the connection name is displaying as a GUID rather than a Server Name?

If so, that would imply you want the connection name (with the out of date GUID) and the value held in fromServer which states where it thinks it should be replicating from?

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18007785

It's going to take a bit of looking into.

I haven't managed to find what the GUIDs associated with the automatically generated NTDS Connections actually link to, they certainly don't match to the Computer Account GUID for the DC, and they won't match to either the Server Object under Sites or the NTDS Settings container underneath that.

Chris
0

 
LVL 1

Author Comment

by:johndarby
ID: 18008799
I have been looking, as well. I appreciate your help!
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18008928

Oh and there seems to be no easy way to identify whether the connection is automatically generated. Clearly it must be in there somewhere... but...

I could tell you how to retrieve GUIDs and convert them into a Hexadecimal String in VbScript if you like? Without being able to eliminate the automatically generated connections it's unlikely to be much help, but just in case.

Chris
0
 
LVL 1

Author Comment

by:johndarby
ID: 18009158
Thanks Chris...I will update this thread when I find the answer, so we can all benefit. I am working at Microsoft and will do the silly thing and ask one of the AD guys the key question. I had originally thought I was just daft and missing the obvious, but it seems the digging is a bit deeper and the info could help us produce a tool which consultants could use to quickly check for DC GUID mismatch when troubleshooting DS replication problems.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 18018066

If you do manage to find where the attribute is stored I can finish off this script; this is what I was using to try and link the values up. I'm a bit stuck though, short of trying to match the GUID to everything available in AD.

It does at least show how to convert a GUID array into a readable format (and into the same format you'll see it displayed with in other LDAP browsers).

Chris



Option Explicit

'
' Functions & Subroutines
'

Function FormatGUID(arrGUID)
      Dim strGUID, strTemp
      Dim i

      For i = LBound(arrGUID) To UBound(arrGUID)
            strTemp = strTemp & Hex(AscB(MidB(arrGUID, i + 1, 1)) \ 16) &_
                  Hex(AscB(MidB(arrGUID, i + 1, 1)) Mod 16)
      Next

      ' Reversed Pairs

      i = 0
      Do Until i = 8
            strGUID = strGUID & Mid(strTemp, 7 - i, 1)
            strGUID = strGUID & Mid(strTemp, 8 - i, 1)
            i = i + 2
      Loop
      strGUID = strGUID & "-"
      Do Until i = 12
            strGUID = strGUID & Mid(strTemp, 19 - i, 1)
            strGUID = strGUID & Mid(strTemp, 20 - i, 1)
            i = i + 2
      Loop
      strGUID = strGUID & "-"
      Do Until i = 16
            strGUID = strGUID & Mid(strTemp, 27 - i, 1)
            strGUID = strGUID & Mid(strTemp, 28 - i, 1)
            i = i + 2
      Loop
      strGUID = strGUID & "-"

      ' Normal Pairs

      For i = 17 to 20
            strGUID = strGUID & Mid(strTemp, i, 1)
      Next
      strGUID = strGUID & "-"
      For i = 21 to 32
            strGUID = strGUID & Mid(strTemp, i, 1)
      Next
      strGUID = LCase(strGUID)
      FormatGUID = strGUID
End Function

Sub GetCurrentNTDSDSA
      Const ADS_SCOPE_SUBTREE = 2

      Dim objConnection, objCommand, objRootDSE, objRecordSet
      Dim strGUID

      Set objConnection = CreateObject("ADODB.Connection")
      objConnection.Provider = "ADsDSOObject"
      objConnection.Open "Active Directory Provider"
      
      Set objCommand = CreateObject("ADODB.Command")
      objCommand.ActiveConnection = objConnection

      Set objRootDSE = GetObject("LDAP://RootDSE")
      objCommand.CommandText = "SELECT objectGUID, distinguishedName FROM 'LDAP://" &_
            objRootDSE.Get("configurationNamingContext") & "' WHERE objectClass='server'"
      Set objRootDSE = Nothing
      
      objCommand.Properties("Page Size") = 1000
      objCommand.Properties("Timeout") = 600
      objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
      objCommand.Properties("Cache Results") = False
      
      Set objRecordSet = objCommand.Execute
      
      While Not objRecordSet.EOF
            ' Use .Value so the byte array and string are stored, not the ADO Field objects
            strGUID = FormatGUID(objRecordSet.Fields("objectGUID").Value)

            objDCList.Add strGUID, objRecordSet.Fields("distinguishedName").Value
            If InStr(objRecordSet.Fields("distinguishedName").Value, "UKDC01") Then
                  WScript.Echo strGUID & " - " & objRecordSet.Fields("distinguishedName").Value
            End If

            objRecordSet.MoveNext
      Wend
      
      objConnection.Close
      
      Set objRecordSet = Nothing
      Set objCommand = Nothing
      Set objConnection = Nothing
End Sub

Sub GetCurrentNTDSConnections
      Const ADS_SCOPE_SUBTREE = 2

      Dim objConnection, objCommand, objRootDSE, objRecordSet

      Set objConnection = CreateObject("ADODB.Connection")
      objConnection.Provider = "ADsDSOObject"
      objConnection.Open "Active Directory Provider"
      
      Set objCommand = CreateObject("ADODB.Command")
      objCommand.ActiveConnection = objConnection

      Set objRootDSE = GetObject("LDAP://RootDSE")
      objCommand.CommandText = "SELECT name, distinguishedName, fromServer FROM 'LDAP://" &_
            objRootDSE.Get("configurationNamingContext") & "' WHERE objectClass='nTDSConnection'"
      Set objRootDSE = Nothing
      
      objCommand.Properties("Page Size") = 1000
      objCommand.Properties("Timeout") = 600
      objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
      objCommand.Properties("Cache Results") = False
      
      Set objRecordSet = objCommand.Execute
      
      While Not objRecordSet.EOF
            ' Compare by string value; a Field object passed as the key never matches
            If objDCList.Exists(objRecordSet.Fields("name").Value) Then
                  WScript.Echo "Matched"
            End If
            objRecordSet.MoveNext
      Wend
      
      objConnection.Close
      
      Set objRecordSet = Nothing
      Set objCommand = Nothing
      Set objConnection = Nothing
End Sub

'
' Main Code
'

' Global Variables

Dim objDCList, objErrorList

Set objDCList = CreateObject("Scripting.Dictionary")
Set objErrorList = CreateObject("Scripting.Dictionary")

GetCurrentNTDSDSA
GetCurrentNTDSConnections

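WScript.Echo objDCList.Count
WScript.Quit

' Work in progress: nothing below WScript.Quit runs yet.
' The declarations and RootDSE binding are needed under Option Explicit
' once the Quit above is removed.

Dim objRootDSE, objSites, objSite, objServers, objServer
Dim objNTDSSettings, objConnection, strConnection, strFromServer

Set objRootDSE = GetObject("LDAP://RootDSE")
Set objSites = GetObject("LDAP://CN=Sites," & objRootDSE.Get("configurationNamingContext"))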

For Each objSite in objSites
      If objSite.Name <> "CN=Subnets" And objSite.Name <> "CN=Inter-Site Transports" Then
            Set objServers = GetObject("LDAP://CN=Servers," & objSite.Get("distinguishedName"))

            For Each objServer in objServers
                  On Error Resume Next
                  Err.Clear
                  Set objNTDSSettings = GetObject("LDAP://CN=NTDS Settings," & objServer.Get("distinguishedName"))
                  If Err.Number = 0 Then
                        For Each objConnection in objNTDSSettings
                              strConnection = objConnection.Name
                              strFromServer = objConnection.Get("fromServer")
                              strFromServer = Mid(strFromServer, 18, Len(strFromServer) - 17)
                              strFromServer = Left(strFromServer, InStr(strFromServer, ",") - 1)

                              If strConnection <> strFromServer Then
                                    If objDCList.Exists(objConnection.Get("name")) Then

                                          ' Except we're not getting the correct matches to get rid of the
                                          ' automatically generated connections

                                    End If
                              End If
                        Next
                  Else
                        objErrorList.Add objServer.Get("distinguishedName"), "Missing NTDS Settings"
                  End If
                  On Error Goto 0
            Next
      End If
Next
0
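The byte-order conversion done by FormatGUID above, and the mismatch check the question asks for, as an added Python example that is not part of the original thread. It assumes the GUIDs have already been collected: the raw 16-byte values for each DC and the GUID strings each replication partner expects. Which directory attribute supplies them is left open, as in the thread, and all names and sample values are constructed.

```python
import uuid

def format_guid(raw: bytes) -> str:
    """Render a 16-byte directory GUID the way LDAP browsers display it."""
    if len(raw) != 16:
        raise ValueError(f"expected 16 bytes, got {len(raw)}")
    # The first three fields are stored little-endian, so their bytes are
    # reversed; the last two fields are printed in stored order.
    fields = (raw[3::-1], raw[5:3:-1], raw[7:5:-1], raw[8:10], raw[10:16])
    return "-".join(f.hex() for f in fields)

def normalize(guid_text: str) -> str:
    """Lower-case a GUID string and drop braces; raises ValueError if malformed."""
    return str(uuid.UUID(guid_text.strip()))

def find_guid_mismatches(actual, expected_by_partner):
    """actual: {dc_name: raw GUID bytes}
    expected_by_partner: {partner_name: {dc_name: GUID string it expects}}
    Returns (partner, dc, expected, actual) tuples; actual is None when the
    partner still references a DC that no longer exists."""
    current = {dc.lower(): format_guid(raw) for dc, raw in actual.items()}
    findings = []
    for partner, expectations in sorted(expected_by_partner.items()):
        for dc, expected in sorted(expectations.items()):
            have = current.get(dc.lower())
            want = normalize(expected)
            if have != want:
                findings.append((partner, dc, want, have))
    return findings

# Constructed sample: DC02 was force-removed and re-promoted under the same
# name, so it has a new GUID while DC01 still expects the old one.
OLD_DC02 = bytes.fromhex("00112233445566778899aabbccddeeff")
NEW_DC02 = bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")
DC01 = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
ACTUAL = {"DC01": DC01, "DC02": NEW_DC02}
EXPECTED = {
    "DC01": {"dc02": "{33221100-5544-7766-8899-AABBCCDDEEFF}"},  # stale
    "DC02": {"DC01": format_guid(DC01)},                         # current
}

if __name__ == "__main__":
    for partner, dc, want, have in find_guid_mismatches(ACTUAL, EXPECTED):
        print(f"{partner} expects {dc} = {want}, directory has {have}")
```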
 
LVL 1

Author Comment

by:johndarby
ID: 18023637
Criminy Chris!
It may take me a while to process this script. However, thank you...I am sure you did a great job!
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18027148

It's just a shame that it won't work completely at the moment because we can't eliminate the automatically generated connections.

Chris
0

Question has a verified solution.