Recipe 2.6 Finding the Domains in a Forest

2.6.1 Problem

You want a list of the domains in a forest.

2.6.2 Solution Using a graphical user interface

Open the Active Directory Domains and Trusts snap-in. The list of the domains in the default forest can be browsed in the left pane. Using a command-line interface
> ntdsutil "d m" "sel op tar" c "co t s <DomainControllerName>"  q "l d" q q q[RETURN] Using VBScript
' This code gets the list of the domains contained in the 
' forest that the user running the script is logged into.

set objRootDSE = GetObject("LDAP://RootDSE")
strADsPath =  "<GC://" & objRootDSE.Get("rootDomainNamingContext") & ">;"
strFilter  = "(objectcategory=domainDNS);"
strAttrs   = "name;"
strScope   = "SubTree"

set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
set objRS = objConn.Execute(strADsPath & strFilter & strAttrs & strScope)
while Not objRS.EOF
    Wscript.Echo objRS.Fields(0).Value

2.6.3 Discussion Using a graphical user interface

If you want to view the domains for an alternate forest than the one you are logged into, right-click on "Active Directory Domains and Trusts" in the left pane, and select "Connect to Domain Controller." Enter the forest name you want to browse in the Domain field. In the left pane, expand the forest root domain to see any subdomains. Using a command-line interface

In the ntdsutil example, shortcut parameters were used to reduce the amount of typing needed. If each parameter were typed out fully, the command line would look like:

> ntdsutil "domain management" "select operation target" connections "connect[RETURN]
to server <DomainControllerName>" quit "List domains" quit quit quit Using VBScript

In the VBScript solution, an ADO query is used to search for domainDNS objects stored in the global catalog, using the root (forest) Domain NC as the search base. This query will find all domains in the forest.

To find the list of domains for an alternate forest, include the name of the forest as part of the ADsPath used in the first line of code. The following would target the forest:

set objRootDSE = GetObject("LDAP://" & "RootDSE")

2.6.4 See Also

Recipe 3.8 for finding the domain controllers for a domain

    Chapter 3. Domain Controllers, Global Catalogs, and FSMOs
    Chapter 6. Users
    Appendix A. Tool List