Distinguished Name of a user

Posted on 2011-05-01
Medium Priority
Last Modified: 2012-05-11
We are using Widows server 2003 Domain controllers. We have to doamins say abc.com and xyz.abc.com. There is trust between these two domains. I have access on the root domain xyz.com. I don't have the access on the child domain. I would like to know the distinguished name of a user in the domain xyz.abc.com. From the domain abc.com how can I know the DN name of a user in the domain xyz.abc.com?
Can you please specify me any commands for doing this?

Thanks in advance.
Question by:gaddam01
LVL 57

Accepted Solution

Mike Kline earned 2000 total points
ID: 35501355
You can use adsiedit and connect to that domain and then look up the DN.  My screenshots are from 2008 but same theory applies in 2003.

Another way I really like is by using adfind from Joe Richards  http://www.joeware.net/freetools/tools/adfind/index.htm

So there in the adfind command I searched the global catalog and used the shortcut switch and searched for test3 and just returned the DN



Author Comment

ID: 35697445
Pleased note that in the child domain I don't have access. So I can not connect to adsiedit tool in the domain. Please suggest me how to get the DN of a user in the domain which I don't have the access.

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question