In my scripts i'm using that query to catch DC: host -t SRV _kerberos._udp.ad.fvg.lnf.it | awk '{print $NF}'| sed 's/.$//' and works, but now that the domain get more complex, i want to limit server lookups to the DC in the same site. Googling around lead me to: https://patternbuffer.wordpress.com/2007/12/13/finding-your-active-directory-site-and-domain-controllers/ and seems to work. With the local network i can get the site: root at vdcsv1:~# ldbsearch -H /var/lib/samba/private/sam.ldb -b "CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it" "(cn=10.5.0.0/16)" siteObject # record 1 dn: CN=10.5.0.0/16,CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it siteObject: CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # returned 1 records # 1 entries # 0 referrals and doing the simple lookup, i can get the DC: root at vdcsv1:~# ldbsearch -H /var/lib/samba/private/sam.ldb -b "CN=SERVERS,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it" "" dNSHostName # record 1 dn: CN=dd6587e9-483d-41bc-aa4c-e2fe5c1af453,CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # record 2 dn: CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # record 3 dn: CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # record 4 dn: CN=4d851fe0-967d-40c6-b1ba-c1d96b196042,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # record 5 dn: CN=6703f3ea-d6f9-4907-8afd-b021256cb1af,CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # record 6 dn: CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # record 7 dn: CN=76a7bad4-ccee-4f19-887d-4903a2e8b095,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # record 8 dn: CN=c353aadd-e738-42a8-a024-d6631c7e5876,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it # record 9 dn: CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it dNSHostName: vdcsv1.ad.fvg.lnf.it # record 10 dn: CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it dNSHostName: vdcsv2.ad.fvg.lnf.it # returned 10 records # 10 entries # 0 referrals But i was not able to use the third query (in 'Update:'), to prevent catching server in other forest domains. Ok, samba does not support forests, but... Someone can help me? Thanks. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D66 Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/ Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN) marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797 Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA! http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000 (cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)