Is there any tool to enumerate all servers in a domain, including hidden servers?

Discussion in 'Active Directory' started by Mike Matheny, Sep 20, 2006.

  1. Mike Matheny

    Mike Matheny Guest

    We have most of our servers hidden for security reasons. Is there any way to
    enumerate all servers, including hidden ones?

    --

    Mike Matheny

    Views expressed herein do not reflect or represent
    my employer in any way.
     
    Mike Matheny, Sep 20, 2006
    #1
    1. Advertisements

  2. Hello Mike.
    I'm not sure what you mean with "hidden servers", You can use the following
    LDAP query as long the particular security context has at least read write
    to the operatingSystem attribute on all servers, that is also the default
    behaivor.

    dsquery * -attr operatingSystem distinguishedName -scope subtree -filter "
    (|(operatingSystem=*Server*))"
     
    chriss3 [MVP], Sep 21, 2006
    #2
    1. Advertisements

  3. Mike Matheny

    Mike Matheny Guest

    At a command prompt enter:
    net config server /hidden:yes

    BTW, the command you suggested returned nothing, not even an error.
    --

    Mike Matheny

    Views expressed herein do not reflect or represent
    my employer in any way.
     
    Mike Matheny, Sep 21, 2006
    #3
  4. Mike Matheny

    ESP Guest

    You have to remember NET CONFIG SERVER /Hidden
    only hides the server from Network Neighborhood, but not in AD, etc... and
    from the Browser Lists that happens normally on a Windows network.

    This cmd line can also have adverse effects on the Server Service itself.
    For ex. if you add/remove RAM to those servers, the Server service no longer
    auto-tunes itself to the changes.

    Although I don't have one handly, look into using a vbs script to enermurate
    all servers in AD ;-)

    ESP

    ===================================
     
    ESP, Sep 21, 2006
    #4
  5. Mike Matheny

    ESP Guest

    Here ya go, just wrote one for ya that searches for all 2k and 2k3 servers
    and exports those to a txt file.
    (watch word wrap)

    '---begin
    Const ADS_SCOPE_SUBTREE = 2
    Set WshShell = WScript.CreateObject("WScript.Shell")
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    Set objFile1 = objFSO.OpenTextFile("Total Machine Count.txt",8,True)
    Set objConnection = CreateObject("ADODB.Connection")
    Set objCommand = CreateObject("ADODB.Command")
    objConnection.Provider = "ADsDSOObject"
    objConnection.Open "Active Directory Provider"
    Set objCommand.ActiveConnection = objConnection
    objCommand.Properties("Page Size") = 1000
    objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
    objCommand.CommandText = "SELECT Name, operatingSystem,
    operatingSystemVersion " _
    & "FROM 'LDAP://dc=global,dc=avaya,dc=com' " _
    & "WHERE objectCategory='computer'"
    Set objRecordSet = objCommand.Execute
    objRecordSet.MoveFirst
    Do Until objRecordSet.EOF
    If (objRecordSet.Fields("operatingSystem").Value = "Windows Server 2003")
    Or _
    (objRecordSet.Fields("operatingSystem").Value = "Windows 2000 Server") Then
    objFile1.WriteLine objRecordSet.Fields("Name").Value & vbTAB & _
    objRecordSet.Fields("operatingSystem").Value
    Else
    End If
    objRecordSet.MoveNext
    Loop
    objFile1.Close
    WScript.Echo "Enumerate All Servers in AD that are Win2000 or Win2003 has
    FINISHED..."
    '---end

    ESP

    ===================================
     
    ESP, Sep 21, 2006
    #5
  6. Mike Matheny

    Mike Matheny Guest

    Thanx a bunch - however, I'm getting a table does not exist error on line
    13:

    1 Const ADS_SCOPE_SUBTREE = 2
    2 Set WshShell = WScript.CreateObject("WScript.Shell")
    3 Set objFSO = CreateObject("Scripting.FileSystemObject")
    4 Set objFile1 = objFSO.OpenTextFile("Total Machine Count.txt",8,True)
    5 Set objConnection = CreateObject("ADODB.Connection")
    6 Set objCommand = CreateObject("ADODB.Command")
    7 objConnection.Provider = "ADsDSOObject"
    8 objConnection.Open "Active Directory Provider"
    9 Set objCommand.ActiveConnection = objConnection
    10 objCommand.Properties("Page Size") = 1000
    11 objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
    12 objCommand.CommandText = "SELECT Name, operatingSystem,
    operatingSystemVersion " & "FROM 'LDAP://dc=global,dc=avaya,dc=com' " &
    "WHERE objectCategory='computer'"
    13 Set objRecordSet = objCommand.Execute
    14 objRecordSet.MoveFirst
    15 Do Until objRecordSet.EOF
    16 If (objRecordSet.Fields("operatingSystem").Value = "Windows Server 2003")
    Or (objRecordSet.Fields("operatingSystem").Value = "Windows 2000 Server")
    Then
    17 objFile1.WriteLine objRecordSet.Fields("Name").Value & vbTAB &
    objRecordSet.Fields("operatingSystem").Value
    18 Else
    19 End If
    20 objRecordSet.MoveNext
    21 Loop
    22 objFile1.Close
    23 WScript.Echo "Enumerate All Servers in AD that are Win2000 or Win2003 has
    FINISHED..."


    --

    Mike Matheny

    Views expressed herein do not reflect or represent
    my employer in any way.
     
    Mike Matheny, Sep 22, 2006
    #6
  7. Mike Matheny

    ESP Guest

    Make sure to change over the LDAP line (12 I think) to point to your AD
    environment ;-)

    Also, watch for word-wrap....
    ESP

    ==========================
     
    ESP, Sep 22, 2006
    #7
  8. Mike Matheny

    Mike Matheny Guest

    DOH!!!! Been a long week - ESP, thanx a bunch. I really need to get a book
    on scripting!

    --

    Mike Matheny

    Views expressed herein do not reflect or represent
    my employer in any way.
     
    Mike Matheny, Sep 22, 2006
    #8
  9. Mike Matheny

    ESP Guest

    ESP, Sep 22, 2006
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.