How To Find All Domain Controllers In A Domain

You might be wondering that how to find all domain controllers (DCs) in your domain Or how to find out where is your PC (client) authenticating  when you have a large Data-Center or probably hundreds of member server in a large scaled AD environment.  Here is an easy way out to handle the problem.

Finding Out All Domain Controllers In A Domain

In order to find out all the domain controllers in a domain, open the command prompt or PowerShell with Administrative Privileges and type the following command:

U:\> dsquery server

"CN=DC2,CN=Servers,CN=US,CN=Sites,CN=Configuration,DC=contoso,DC=com"
"CN=TorDC,CN=Servers,CN=Toronto,CN=Sites,CN=Configuration,DC=contoso,DC=com"
"CN=dc2k12,CN=Servers,CN=London,CN=Sites,CN=Configuration,DC=contoso,DC=com"
"CN=POS2,CN=Servers,CN=Ottawa,CN=Sites,CN=Configuration,DC=contoso,DC=com"

When above command is executed, you will find a list of all the DC’s in AD Forest.

Which Domain Controller You Are Authenticated To ?

In order to find out which domain controller you are authenticated to, you can open the command prompt and type the following command. You could use any of the following two methods:

Method1

Type the “set” command and result will look like as given below:

C:\windows\system32> set
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\user1\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=user1-PC
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=U:
HOMEPATH=\
ININ_TRACE_TOPIC_ROOT=C:\Program Files (x86)\Common Files\Interactive Intelligence\inin_tracing\
LOCALAPPDATA=C:\Users\user1\AppData\Local
LOGONSERVER=\\DC1
NUMBER_OF_PROCESSORS=4
OS=Windows_NT

We are looking for the “LOGONSERVER” name. This is the DC where you system was authenticated.

Method 2

You can also echo the “LOGONSERVER” variable directly in order  to get the same result.

U:\>echo %LOGONSERVER%
\\DC1

Above Command will give you the DC name to which you are authenticating rather than throwing off other information which you may not need.

Share your thoughts

*