UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
September
Su M Tu W Th F Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30
Sponsored Links
Latest Postings
Doom 3
by Cyrez
09/11/14 08:58 PM
The History Thread...
by Cyrez
09/11/14 08:56 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666
08/22/14 09:21 AM
Latest Reviews
Topic Options
Rate This Topic
#15528 - 03/14/05 11:24 PM Windows Server 2000 domain controller
MESELF Offline
Junior Member

Registered: 08/08/03
Posts: 68
Hey guys. I was wondering if you could give me any help on how to find out which of numerous servers in a network is actually the domain controller. That is, I need to find out which server actually has the user accounts, which is apparently not necessarily the same server that hosts all of the file folders for the user accounts. The mapped network folders when you logon to the domain are all on \\red, but apprently the actual user accounts are not on \\red. Is there any way I can find out which server is controlling the domain without already knowing?

Top
Sponsored Links
      
#15529 - 03/14/05 11:54 PM Re: Windows Server 2000 domain controller
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
logically it'd probably be the first (or towards the first) IP in the subnet
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#15530 - 03/15/05 02:02 AM Re: Windows Server 2000 domain controller
MESELF Offline
Junior Member

Registered: 08/08/03
Posts: 68
OK. That would make sense. So an address like 10.1.1.1 be the server? \\RED is 10.1.1.10
Also, some of the IP stuff seems to have slipped my mind. Is subnet determined by the first number? Are 10.1.30.195 and 10.1.1.1 in the same subnet?

Top
#15531 - 03/15/05 03:28 AM Re: Windows Server 2000 domain controller
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
Here on my network my dns server is the first ip in the block (.1), my secondary router for my vonage line is next (.2); generally admin's will do this as to know percisely where everything is... So you think, start with everything moving up, router 1 (.1), router 2 (.2) etc; eventually you'll make it up to 10 (myself I start private blocks here at .10 while leaving any single digit as network resources)
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#15532 - 03/15/05 03:46 AM Re: Windows Server 2000 domain controller
Ghost Offline


Registered: 06/16/03
Posts: 807
Loc: Wisconsin
Use Cain & Abel for network enumeration. It can differentiate between normal client computers, and various important servers, including the domain controller.
_________________________
[[ GamerSupport ] [ UGN Security ] [ Evil Hosting ] [ Comic Relief ]
~[Ghost]

Top
#15533 - 03/23/05 08:44 PM Re: Windows Server 2000 domain controller
Nexus Offline
Junior Member

Registered: 03/04/02
Posts: 16
Loc: UK
The simplest way to find the DC's (Domain Controllers) is to use the 'nltest' utility from the resource kit for the OS that you will be using to make the query - just google for 'nltest' and your host OS, though they are usually on the Windows CD.

Once you have nltest, assuming you are looking for the 'EXAMPLE' domain:

Find all DC's : nltest.exe /dclist:example
Find primary DC : nltest.exe /dcname:example

It has a ton of other options, go play

Top
#15534 - 03/28/05 02:53 AM Re: Windows Server 2000 domain controller
MESELF Offline
Junior Member

Registered: 08/08/03
Posts: 68
Ah...ok. Thanks for the replies. I figured out about Cain&Abel's "Domain Controllers" list. Apparently there were three on this particular network (two replicating). Just for reference, the I.P. of the main DC was a .1.14 address. That seems a little strange, but I guess it is a pretty low address. The other two were .1.39 and .1.110 (turns out this was actually red, I got 10 and 110 mixed up) . Turns out my first post was incorrect anyway. red was a domain controller. gold was hosting the files (the network was using kerberos authentication). Thanks.
P.S. it was fairly odd, with apparently one of the color names being the gateway server (i believe this one was .1.10), and a ton of the low numbers being routers.

Top

Featured Member
Registered: 08/22/14
Posts: 1
Forum Stats
2148 Members
46 Forums
34352 Topics
69521 Posts

Max Online: 1567 @ 04/25/10 02:20 AM
Top Posters
UGN Security 27514
Gremelin 7192
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Gecko666, defghi795767, Devo60, ali, lavos
2147 Registered Users
Who's Online
0 registered (), 306 Guests and 273 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!