I am wondering from a client computer is there any way that one can
find out which computer/ip address on the network are domain controllers
And which are just client computers ?
I know I can check by os finger printing to find out the OS but that doesn't imply it is a DC if it is a MS server OS and checking that the AD service port is open gives me a good sign that it is but doesn't tell me if it is a primary or something else.
But I was wondering if there was an easier way or a standard way to check if a computer is a DC on the domain.
And A way to find all the DC on the network and which ones are primary and so forth.
As well as what domains the found DC controls i.e just one or many subnets / domains /...etc
Anybody know?
Please note this is not specfic for a certain computer so NETDOM may not exist if its linux or if it is a windows client,mac ,...etc
find out which computer/ip address on the network are domain controllers
And which are just client computers ?
I know I can check by os finger printing to find out the OS but that doesn't imply it is a DC if it is a MS server OS and checking that the AD service port is open gives me a good sign that it is but doesn't tell me if it is a primary or something else.
But I was wondering if there was an easier way or a standard way to check if a computer is a DC on the domain.
And A way to find all the DC on the network and which ones are primary and so forth.
As well as what domains the found DC controls i.e just one or many subnets / domains /...etc
Anybody know?
Please note this is not specfic for a certain computer so NETDOM may not exist if its linux or if it is a windows client,mac ,...etc
Last edited: