You want to find the application partitions that have been created in a forest.
Open LDP.
From the menu, select Connection Connect.
For Server, enter the name of a DC.
For Port, enter 389.
Click OK.
From the menu, select Connection Bind.
Enter a user and password with the necessary credentials.
Click OK.
From the menu, select Browse Search.
For BaseDN, type the DN of the Partitions container (e.g., cn=partitions,cn=configuration,dc=rallencorp, dc=com).
For Filter, enter:
(&(objectcategory=crossRef)(systemFlags:1.2.840.113556.1.4.803:=5))
For Scope, select One Level.
Click the Options button.
For Attributes, type dnsRoot.
Click OK.
Click Run.
Use the following command to find all of the application partitions in a forest:
> dsquery * cn=partitions,cn=configuration,<ForestDN> -filter[RETURN] "(&(objectcategory=crossRef)(systemFlags:1.2.840.113556.1.4.803:=5))"[RETURN] -scope onelevel -attr dnsRoot
' This code displays the application partitions contained in the ' default forest set objRootDSE = GetObject("LDAP://RootDSE") strBase = "<LDAP://cn=Partitions," & _ objRootDSE.Get("ConfigurationNamingContext") & ">;" strFilter = "(&(objectcategory=crossRef)" & _ "(systemFlags:1.2.840.113556.1.4.803:=5));" strAttrs = "cn,ncName;" strScope = "onelevel" set objConn = CreateObject("ADODB.Connection") objConn.Provider = "ADsDSOObject" objConn.Open "Active Directory Provider" set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope) objRS.MoveFirst while not objRS.EOF Wscript.Echo objRS.Fields("nCName").Value objRS.MoveNext wend
The method I used in the Solution to get the list of application partitions was to query all crossRef objects in the Partitions container that have the systemFlags attribute with the 0101 bits set (5 in decimal). To do this, I used a logical AND bit-wise filter. See Recipe 4.9 for more on searching with a bitwise filter.
You can take a shortcut by not including the bitwise OID in the search filter, and changing it to systemFlags=5. This currently produces the same results in my test forest as with the bitwise filter, but there are no guarantees since it is a bit-flag attribute. There may exist special circumstances when an application partition would have another bit set in systemFlags that would yield a different value.
In each solution, I printed the dnsRoot attribute for each application partition, which contains the DNS name of the application partition. You can also retrieve the nCName attribute, which contains the distinguished name of the application partition.