- Windows Server
- 05 November 2021 at 17:42 UTC
-
When you install a domain controller, you can see the contents of the Active Directory partitions of the domain controller via a graphical interface with "ADSI Edit" or in text format using the "ldp.exe" program.
Although this program isn't the most useful nor the easiest to use, be aware that it exists.
To begin, type "ldp" in the start menu and run the program of the same name.
To connect this program to your domain controller, go to "Connection" and click "Connect".
Leave the default options, namely the DNS name of the domain controller to which you want to connect, as well as the default LDAP port : 389.
Informations are displayed on the right side of the "ldp" program, including :
- the functional level of the domain : "domainFunctionality = 7 = WIN2016"
- the functional level of the forest of which it's part : "forestFunctionality = 7 = WIN2016"
To log in with the desired account on your domain controller, go to "Login" and click "Bind".
Specify the credentials (username, password and domain) of the account to use or select "Bind as currently logged on user" to use the account with which you are currently logged on to the server.
To get a list of the different partitions available on your Active Directory domain, go to "View" and click on "Tree".
The list of available partitions appears.
This is not possible with the "ADSI Edit" program for example.
In summary, you have access to the root of your Active Directory domain (in our case : informatiweb.lan), as well as to the partitions :
- Configuration
- Schema
- DomainDnsZones
- ForestDnsZones
Knowing that the "Configuration" and "Schema" partitions are partitions present on all domain controllers and the "DomainDnsZones" and "ForestDnsZones" partitions are additional application partitions containing the DNS zones linked to your domain.
Indeed, in our case, our DNS zones are integrated into the Active Directory.
Unlike the "ADSI Edit" program which doesn't offer application partitions, ldp does offer them.
You can thus see the contents of these partitions thanks to this "ldp.exe" program.
Small tip, you can recover this partition path and copy it into the "ADSI Edit" program to more easily see the content of partitions not offered by default by this "ADSI Edit" program.
The content of the "ForestDnsZones" application partition appears.
By searching a little in the other "DomainDnsZones" partition, you will be able in particular to find the DNS records corresponding to the computers joined to your Active Directory domain.
Share this tutorial
To see also
-
Windows Server 4/16/2021
Windows Server - AD DS - How Active Directory replication works
-
Windows Server 4/30/2021
Windows Server - AD DS - Overview of Active Directory functional levels
-
Windows Server 4/3/2021
Windows Server - AD DS - The basics of Active Directory
-
Windows Server 5/21/2021
WS 2016 - AD DS - Add a domain controller to an existing AD domain
You must be logged in to post a comment