NLTEST.exe (Active Directory [AD] tool) |
You can see some information about this tool here.
This command will tell you which domain controller (DC) is used for the workstation you are running it on (locally) so for a machine in the "XYZ" domain:
nltest.exe /sc_query:XYZ
To do the same thing remotely for server "MYSERVER":
nltest.exe /sc_query:XYZ /server:MYSERVER.XYZ
To export all a list of all the DCs in a domain:
nltest.exe /DCLIST:XYZ > XYZ.DCs.list.txt
NLTEST.EXE /? |
Usage: nltest [/OPTIONS] /SERVER:<ServerName> - Specify <ServerName> /QUERY - Query <ServerName> netlogon service /REPL - Force partial sync on <ServerName> BDC /SYNC - Force full sync on <ServerName> BDC /PDC_REPL - Force UAS change message from <ServerName> PDC /SC_QUERY:<DomainName> - Query secure channel for <Domain> on <ServerName> /SC_RESET:<DomainName>[\<DcName>] - Reset secure channel for <Domain> on <ServerName> to <DcName> /SC_VERIFY:<DomainName> - Verify secure channel for <Domain> on <ServerName> /SC_CHANGE_PWD:<DomainName> - Change a secure channel password for <Domain> on <ServerName> /DCLIST:<DomainName> - Get list of DC's for <DomainName> /DCNAME:<DomainName> - Get the PDC name for <DomainName> /DSGETDC:<DomainName> - Call DsGetDcName /PDC /DS /DSP /GC /KDC /TIMESERV /GTIMESERV /WS /NETBIOS /DNS /IP /FORCE /WRITABLE /AVOIDSELF /LDAPONLY /BACKG /DS_6 /TRY_NEXT_CLOSEST_SITE /SITE:<SiteName> /ACCOUNT:<AccountName> /RET_DNS /RET_NETBIOS /DNSGETDC:<DomainName> - Call DsGetDcOpen/Next/Close /PDC /GC /KDC /WRITABLE /LDAPONLY /FORCE /SITESPEC /DSGETFTI:<DomainName> - Call DsGetForestTrustInformation /UPDATE_TDO /DSGETSITE - Call DsGetSiteName /DSGETSITECOV - Call DsGetDcSiteCoverage /DSADDRESSTOSITE:[MachineName] - Call DsAddressToSiteNamesEx /ADDRESSES:<Address1,Address2,...> /PARENTDOMAIN - Get the name of the parent domain of this machine /WHOWILL:<Domain>* <User> [<Iteration>] - See if <Domain> will log on <User> /FINDUSER:<User> - See which trusted domain will log on <User> /TRANSPORT_NOTIFY - Notify netlogon of new transport /DBFLAG:<HexFlags> - New debug flag /USER:<UserName> - Query User info on <ServerName> /TIME:<Hex LSL> <Hex MSL> - Convert NT GMT time to ascii /LOGON_QUERY - Query number of cumulative logon attempts /DOMAIN_TRUSTS - Query domain trusts on <ServerName> /PRIMARY /FOREST /DIRECT_OUT /DIRECT_IN /ALL_TRUSTS /V /DSREGDNS - Force registration of all DC-specific DNS records /DSDEREGDNS:<DnsHostName> - Deregister DC-specific DNS records for specified DC /DOM:<DnsDomainName> /DOMGUID:<DomainGuid> /DSAGUID:<DsaGuid> /DSQUERYDNS - Query the status of the last update for all DC-specific DNS records /BDC_QUERY:<DomainName> - Query replication status of BDCs for <DomainName> /LIST_DELTAS:<FileName> - display the content of given change log file /CDIGEST:<Message> /DOMAIN:<DomainName> - Get client digest /SDIGEST:<Message> /RID:<RID in hex> - Get server digest /SHUTDOWN:<Reason> [<Seconds>] - Shutdown <ServerName> for <Reason> /SHUTDOWN_ABORT - Abort a system shutdown