
Hello,



Thanks in advance for reading. I was hoping to create an EA that would report the domain controller the user authenticated against at the time of login. Is anyone currently doing something similar? I'd like to hear anyone's thoughts on an efficient way to accomplish this. We have four domain controllers like DC01.dc.company.net, so when I do a "dsconfigad -show" all you see is dc.company.net.



Any thoughts on this are appreciated.



Thank you in advance.

I know in Windows there's a way to do it for sure. On a Mac, I don't know off hand.



This works in dscl interactive mode:
In terminal type: "dscl" and then Enter (without quotes)
Type: "read Configure"



And you'll get the IP Address.



I can't quite figure it out without interactive mode though. There are other suggestions online about scanning with netstat -a and grepping out based on ports or traffic. But that seems like it's a big resource hog.


@Chuey what @bpavlov said with netstat may work.



Something like:



netstat | grep "389"


Or whichever port or maybe grep the domain name. But domain name may show results for other things.


@Chuey You could also have a look at the AD Dynamic Data:



Everything:



defaults read "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS" "last used servers"


Just the last used Global Catalog server:



/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/Global Catalog:host:" "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist"


Just the last used DC:



/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist"


Should output something like:



{
"/Active Directory/JIGSAWSYSTEMS/Global Catalog" = {
Priority = 0;
Weight = 100;
flags = 1;
host = "xxx-dc-01.jigsawsystems.internal";
port = 3268;
};
"/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal" = {
Priority = 0;
Weight = 100;
flags = 1;
host = "xxx.jigsawsystems.internal";
port = 389;
};
}


xxx-dc-01.jigsawsystems.internal


xxx.jigsawsystems.internal


Basic EA would be:



#!/bin/sh
# Check AD Dynamic Data

# The path contains a space, so it must stay quoted wherever it is used
plist="/Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist"

if [ -f "$plist" ]; then
    # Host of the last used DC for the domain
    result=$(/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" "$plist")
    echo "<result>$result</result>"
else
    echo "<result>Dynamic Data Missing</result>"
fi

Thanks @TomH. After tweaking, this script works perfectly and returns the information I was looking for.


@Chuey no problem, what did the final script look like, as I didn't actually try that EA?



Cheers,



Tom


@TomH I tweaked it and it looks like this now:



#!/bin/sh
# The path contains a space, so it must stay quoted wherever it is used
plist="/Library/Preferences/OpenDirectory/DynamicData/Active Directory/xxxx.plist"

if [ -f "$plist" ]; then
    # Host of the last used DC for the domain
    result=$(/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/DCS/dcs.xxxx.net:host:" "$plist")
    echo "<result>$result</result>"
else
    echo "<result>Data Missing</result>"
fi
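
A variant of the EA above that avoids hard-coding the domain name and checks the value before reporting it, as an added example that is not part of any post in this thread. The names parse_last_dc, ea_result, report_from_disk and SAMPLE are hypothetical, and it assumes "last used servers" has the shape shown in the sample output earlier in the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: "last used servers" holds a
# "Global Catalog" entry plus one entry per domain, as in the sample output.
DYNAMIC_DIR="/Library/Preferences/OpenDirectory/DynamicData/Active Directory"

# Constructed sample, shaped like the `defaults read` output quoted above.
SAMPLE='{
    "/Active Directory/EXAMPLE/Global Catalog" = {
        host = "dc-01.example.internal";
        port = 3268;
    };
    "/Active Directory/EXAMPLE/example.internal" = {
        host = "dc-02.example.internal";
        port = 389;
    };
}'

# Read `defaults read <plist> "last used servers"` text on stdin and print the
# host of the first entry that is not the Global Catalog.
parse_last_dc() {
    awk '
        /^[ \t]*"\/Active Directory\// { gc = ($0 ~ /\/Global Catalog"/); next }
        /^[ \t]*host = / && !gc {
            sub(/^[ \t]*host = "?/, ""); sub(/"?;[ \t]*$/, "")
            print; exit
        }'
}

# Wrap the parsed host in EA tags. Empty or non-hostname values (missing key,
# error text, stray markup) are reported as missing instead of being echoed.
ea_result() {
    host=$(printf '%s\n' "$1" | parse_last_dc)
    case "$host" in
        ''|*[!A-Za-z0-9.-]*) echo "<result>Dynamic Data Missing</result>" ;;
        *) echo "<result>$host</result>" ;;
    esac
}

# On a bound Mac, report from the first dynamic-data plist found.
report_from_disk() {
    for plist in "$DYNAMIC_DIR"/*.plist; do
        [ -f "$plist" ] || continue
        ea_result "$(defaults read "${plist%.plist}" "last used servers" 2>/dev/null)"
        return
    done
    ea_result ""
}
report_from_disk
```

Running `ea_result "$SAMPLE"` shows the parsing on the constructed input without needing a bound Mac.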
