In my scripts I'm using that query to catch the DCs:
host -t SRV _kerberos._udp.ad.fvg.lnf.it | awk '{print $NF}' | sed 's/.$//'
and it works, but now that the domain is getting more complex, I want to limit
server lookups to the DCs in the same site.
Googling around led me to:
https://patternbuffer.wordpress.com/2007/12/13/finding-your-active-directory-site-and-domain-controllers/
and it seems to work. With the local network I can get the site:
root@vdcsv1:~# ldbsearch -H /var/lib/samba/private/sam.ldb -b "CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it" "(cn=10.5.0.0/16)" siteObject
# record 1
dn: CN=10.5.0.0/16,CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
siteObject: CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# returned 1 records
# 1 entries
# 0 referrals
and doing the simple lookup, I can get the DCs:
root@vdcsv1:~# ldbsearch -H /var/lib/samba/private/sam.ldb -b "CN=SERVERS,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it" "" dNSHostName
# record 1
dn: CN=dd6587e9-483d-41bc-aa4c-e2fe5c1af453,CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# record 2
dn: CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# record 3
dn: CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# record 4
dn: CN=4d851fe0-967d-40c6-b1ba-c1d96b196042,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# record 5
dn: CN=6703f3ea-d6f9-4907-8afd-b021256cb1af,CN=NTDS Settings,CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# record 6
dn: CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# record 7
dn: CN=76a7bad4-ccee-4f19-887d-4903a2e8b095,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# record 8
dn: CN=c353aadd-e738-42a8-a024-d6631c7e5876,CN=NTDS Settings,CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
# record 9
dn: CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
dNSHostName: vdcsv1.ad.fvg.lnf.it
# record 10
dn: CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it
dNSHostName: vdcsv2.ad.fvg.lnf.it
# returned 10 records
# 10 entries
# 0 referrals
But I was not able to use the third query (in 'Update:'), to prevent
catching servers in other forest domains.
OK, Samba does not support forests, but...
Can someone help me? Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia''
http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Donate your 5 PER MILLE to LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(tax code 00307430132, category ONLUS or RICERCA SANITARIA)
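
An added example, not part of the original post: one way to script the two lookups shown above, with parsers that unfold LDIF-wrapped lines and keep only the dNSHostName values. The function names, the `-s one` and `(objectClass=server)` narrowing, the sample output and the assumption that the DCs have registered their site-scoped SRV records in DNS all belong to this example, not to the post.

```shell
#!/bin/sh
# Added example (not from the original post): site-scoped DC lookup on a Samba AD DC.
DB=/var/lib/samba/private/sam.ldb   # path as used in the post

# LDIF folds long lines: a line starting with one space continues the previous one.
ldif_unfold() {
    awk 'NR > 1 && /^ / { buf = buf substr($0, 2); next }
         NR > 1 { print buf }
         { buf = $0 }
         END { if (NR) print buf }'
}

# Site name = first RDN value of the subnet's siteObject attribute.
site_from_ldif() {
    ldif_unfold | sed -n 's/^siteObject: [Cc][Nn]=\([^,]*\),.*/\1/p' | head -n 1
}

# dNSHostName values only, lower-cased and de-duplicated.
dc_hosts_from_ldif() {
    ldif_unfold | sed -n 's/^dNSHostName: //p' | tr '[:upper:]' '[:lower:]' | sort -u
}

# Site-scoped SRV owner name (assumes the DCs registered it in DNS).
site_srv_name() {   # $1 = site, $2 = DNS domain
    printf '_kerberos._tcp.%s._sites.dc._msdcs.%s\n' "$1" "$2"
}

# Live lookup (hypothetical wrapper). $1 = subnet CIDR, $2 = domain base DN
site_dcs() {
    site=$(ldbsearch -H "$DB" -b "CN=Subnets,CN=Sites,CN=Configuration,$2" \
               "(cn=$1)" siteObject | site_from_ldif)
    [ -n "$site" ] || { echo "no site mapped to subnet $1" >&2; return 1; }
    # -s one + objectClass=server skips the NTDS Settings children seen in the post.
    ldbsearch -H "$DB" -b "CN=Servers,CN=$site,CN=Sites,CN=Configuration,$2" \
        -s one "(objectClass=server)" dNSHostName | dc_hosts_from_ldif
}

# Constructed sample output (folded on purpose) so the parsers run offline.
sample_subnet_ldif() {
    printf '%s\n' '# record 1' \
        'dn: CN=10.5.0.0/16,CN=Subnets,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it' \
        'siteObject: CN=San' ' Vito,CN=Sites,CN=Configuration,DC=ad,DC=fvg,DC=lnf,DC=it'
}
sample_servers_ldif() {
    printf '%s\n' 'dn: CN=VDCSV1,CN=Servers,CN=SanVito,CN=Sites' \
        'dNSHostName: VDCSV1.ad.fvg.lnf.it' \
        'dn: CN=VDCSV2,CN=Servers,CN=SanVito,CN=Sites' 'dNSHostName: vdcsv2.ad.' ' fvg.lnf.it'
}
```

On a DC, `site_dcs 10.5.0.0/16 DC=ad,DC=fvg,DC=lnf,DC=it` runs both queries; pass the subnet only from trusted input, since it is placed directly into the LDAP filter.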