Query DnsDomainName by NETBIOS domain name via LDAP?

Discussion in 'Active Directory' started by Michael Ströder, Nov 17, 2006.

  1. HI!

    If I have only know the NETBIOS domain name can I query the DNS-based
    domain name in AD via LDAP? Maybe via global catalog?

    Many thanks in advance.

    Ciao, Michael.
     
    Michael Ströder, Nov 17, 2006
    #1
    1. Advertising

  2. Michael Ströder

    Joe Kaplan Guest

    If you do a search in the configuration container for crossRef objects, you
    can use a filter based on nETBIOSName and return the dnsRoot or nCName
    attributes to get either of those two values. You don't need to use a GC,
    as any DC will have the same configuration partition, but you can.

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "Michael Ströder" <> wrote in message
    news:...
    > HI!
    >
    > If I have only know the NETBIOS domain name can I query the DNS-based
    > domain name in AD via LDAP? Maybe via global catalog?
    >
    > Many thanks in advance.
    >
    > Ciao, Michael.
     
    Joe Kaplan, Nov 17, 2006
    #2
    1. Advertising

  3. Joe,

    thanks for answering so quickly. In the meantime I already found this
    answer by you in another forum and did some tests.

    Joe Kaplan wrote:
    > If you do a search in the configuration container for crossRef objects, you
    > can use a filter based on nETBIOSName and return the dnsRoot or nCName
    > attributes to get either of those two values. You don't need to use a GC,
    > as any DC will have the same configuration partition, but you can.


    In my tests 'nETBIOSName' and 'nCName' were not available on the GC
    (port 3268) anyway. The query only worked on DC (port 389).

    Just to make sure this also works in a multi-domain environment:
    Does each DC have knowledge in CN=Partitions,CN=Configuration,.. about
    all domains in the forest?

    What I'm after:
    I know the sAMAccountName and the NETBIOS domain name and I have to find
    the userPrincipalName based on that information.
    => so I have to:
    1. determine the DnsDomainName by searching under CN=Partitions,.. and
    afterwards
    2. query the DC of this particular domain for sAMAccountName for
    retrieving the user's entry.

    Unfortunately my customer also has three forests...

    Ciao, Michael.
     
    Michael Ströder, Nov 17, 2006
    #3
  4. Michael Ströder

    Joe Kaplan Guest

    Sorry, I forgot to check to see if those attributes are in the PAS and they
    are not, so they won't be in the GC, only on the DC via normal LDAP.

    The configuration partition is replicated to all DCs in the forest and
    contains the same stuff, so you can still use any DC you want to get this
    information. That is just "per forest" though.

    Given what you are trying to do, have you considered the DsCrackNames API or
    the IADsNameTranslate interface (which is an ADSI wrapper for DsCrackNames).
    It does all this heavy lifting for you. Pass in the NT account name
    (domain\user) and ask for the UPN back. It can translate lots of different
    formats and do batches of names at a time. It is also very fast.

    Just a thought.

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "Michael Ströder" <> wrote in message
    news:...
    > Joe,
    >
    > thanks for answering so quickly. In the meantime I already found this
    > answer by you in another forum and did some tests.
    >
    > Joe Kaplan wrote:
    >> If you do a search in the configuration container for crossRef objects,
    >> you
    >> can use a filter based on nETBIOSName and return the dnsRoot or nCName
    >> attributes to get either of those two values. You don't need to use a
    >> GC,
    >> as any DC will have the same configuration partition, but you can.

    >
    > In my tests 'nETBIOSName' and 'nCName' were not available on the GC
    > (port 3268) anyway. The query only worked on DC (port 389).
    >
    > Just to make sure this also works in a multi-domain environment:
    > Does each DC have knowledge in CN=Partitions,CN=Configuration,.. about
    > all domains in the forest?
    >
    > What I'm after:
    > I know the sAMAccountName and the NETBIOS domain name and I have to find
    > the userPrincipalName based on that information.
    > => so I have to:
    > 1. determine the DnsDomainName by searching under CN=Partitions,.. and
    > afterwards
    > 2. query the DC of this particular domain for sAMAccountName for
    > retrieving the user's entry.
    >
    > Unfortunately my customer also has three forests...
    >
    > Ciao, Michael.
     
    Joe Kaplan, Nov 17, 2006
    #4
  5. Joe,

    thanks again for your quick answers.

    Joe Kaplan wrote:
    >
    > Given what you are trying to do, have you considered the DsCrackNames API or
    > the IADsNameTranslate interface (which is an ADSI wrapper for DsCrackNames).


    This is to be implemented in Java.
    Is there something like this available for Java?

    Ciao, Michael.
     
    Michael Ströder, Nov 17, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Gregg Hill
    Replies:
    0
    Views:
    692
    Gregg Hill
    Oct 18, 2006
  2. ChanKaiShi

    Disabling NetBIOS and NetBIOS style domain name

    ChanKaiShi, Oct 7, 2004, in forum: Active Directory
    Replies:
    1
    Views:
    427
    John Negus
    Oct 8, 2004
  3. sachin

    LDAP Query witn netbios name fails in 2003

    sachin, Mar 3, 2005, in forum: Active Directory
    Replies:
    7
    Views:
    403
    Joe Richards [MVP]
    Mar 5, 2005
  4. Tomasz Onyszko

    Re: need help creating an LDAP Query from a netbios name

    Tomasz Onyszko, Sep 14, 2006, in forum: Active Directory
    Replies:
    1
    Views:
    622
    Richard Mueller
    Sep 14, 2006
  5. Ron
    Replies:
    5
    Views:
    1,313
    Kevin D. Goodknecht Sr. [MVP]
    Apr 24, 2006
Loading...

Share This Page