Locate a host in Parent/Child Domain

Locate a host in Parent/Child Domain

We have Active Directory Parent and Child domains.

I would like to know if there is any way to tell if a computer is part of the parent domain or child domain ?
I am not sure if using Nslookup will give you the right domain a host belongs to.

Thank you
jskfanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jeff GloverSr. Systems AdministratorCommented:
Are you looking for something programmatic or just a command line query? If you ping the the hostname, it will return the FQDN. So if you are looking for host server1 and your parent domain is domain.com and the child is child.domain.com, opening a command prompt and typing ping server1 will return  Pinging server1.domain.com if it is in the Parent domain and Pinging server1.child.domain.com if it is in the child domain.
0
Shaun VermaakTechnical Specialist/DeveloperCommented:
It is best to just check against AD directly, perhaps with Powershell
Get-ADComputer -Identity "ComputerName"

Open in new window


NSLOOKUP/PING etc. can return incorrect information if it registered in two or more different zones.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Michael B. SmithExchange & Active Directory ExpertCommented:
There are a couple of ways to approach this. Probably the easiest:

Get-AdComputer -Filter { name -eq 'server1' } -Properties * | fl DistinguishedName, CanonicalName

Open in new window

DistinguishedName : CN=SERVER1,OU=Domain Controllers,DC=smithcons,DC=local
CanonicalName     : smithcons.local/Domain Controllers/SERVER1
In the CanonicalName, the domain is given before the first '/'.

In the DistinguishedName, the domain is "DC=smithcons,DC=local".

To go old-school, you can use dsquery.

dsquery computer forestroot -name server1

Open in new window

This also gives you a distinguishedName:
"CN=SERVER1,OU=Domain Controllers,DC=smithcons,DC=local"
Both dsquery and Get-AdComputer require that you execute them on a DC or have installed RSAT-ADDS.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Jeff GloverSr. Systems AdministratorCommented:
Yes, I agree that ping and nslookup can show misleading information if and only if you do not understand your own DNS. However, using get-adcomputer only works if you are in that domain so to find a computer you may have to query it in all domains separately. However, as Michael stated, dsquery works fine.
0
Shaun VermaakTechnical Specialist/DeveloperCommented:
No, you can do it from other domains
Get-ADComputer -Filter * -SearchBase "DC=MyOtherDomain,DC=com" -Server "MyOtherDomain.com"

Open in new window

1
Michael B. SmithExchange & Active Directory ExpertCommented:
Mea culpa.

Get-AdComputer will work if you set the SearchBase to the forest root domain, e.g., "dc=smithcons,dc=local", but that extra step is required.
1
Ganesamoorthy STech LeadCommented:
My computer properties shows the Domain where the computer joined on GUI
0
Shaun VermaakTechnical Specialist/DeveloperCommented:
I doubt OP wants to manually go to each computer and check in GUI
0
jskfanAuthor Commented:
I guess it is in the child domain. I used :

dsquery computer forestroot -name server1  and it showed
server1.child.domain.com

Also in AD when I searched for the server, then properties, it showed DNS name field: server1.child.domain.com
0
Michael B. SmithExchange & Active Directory ExpertCommented:
yep.
0
jskfanAuthor Commented:
thank you Guys
0
Shaun VermaakTechnical Specialist/DeveloperCommented:
Anytime :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.