Skip to main content
Solved

Check authenicated domain controller

  • October 16, 2015
  • 6 replies
  • 42 views
C
Forum|alt.badge.img+10

Hello,

Thanks in advance for reading. I was hoping to create an EA that would report the domain controller the user authenticated against at the time of login. Is anyone currently doing something similar? I'd like to hear anyones thoughts on an efficient way to accomplish this. We have four domain controllers like DC01.dc.company.net so when I do a "dsconfigad -show" all you see is dc.company.net.

Any thoughts on this are appreciated.

Thank you in advance.

Best answer by TomH

@Chuey You could also have a look at the AD Dynamic Data:

Everything:

defaults read /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS "last used servers"

Just the last used Global Catalog server:

/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/Global Catalog:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist

Just the last used DC: 

/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist

Should output something like:

{ "/Active Directory/JIGSAWSYSTEMS/Global Catalog" = { Priority = 0; Weight = 100; flags = 1; host = "xxx-dc-01.jigsawsystems.internal"; port = 3268; }; "/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal" = { Priority = 0; Weight = 100; flags = 1; host = "xxx.jigsawsystems.internal"; port = 389; }; }
xxx-dc-01.jigsawsystems.internal
xxx.jigsawsystems.internal

Basic EA would be: 

#!/bin/sh
#Check AD Dynamic Data

if [ -f "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist" ]; then
    result=`/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist`
    echo "<result>$result</result>"
else
    echo "<result>Dynamic Data Missing</result>"
fi
fi

    6 replies

    bpavlov
    Forum|alt.badge.img+18
    • bpavlov
    • Esteemed Contributor
    • October 16, 2015

    I know in Windows there's a way to do it for sure. On a Mac, I don't know off hand.

    This works in dscl interactive mode:
    In terminal type: "dscl" and then Enter (without quotes)
    Type: "read Configure"

    And you'll get the IP Address.

    I can't quite figure it out without interactive mode though. There are other suggestions online about scanning with netstat -a and grepping out based on ports or traffic. But that seems like it's a big resource hog.

    bentoms
    Forum|alt.badge.img+35
    • bentoms
    • Hall of Fame
    • October 17, 2015

    @Chuey what @bpavlov said with netstat may work.

    Something like:

    netstat | grep "389"

    Or whichever port or maybe grep the domain name. But domain name may show results for other things.

    T
    Forum|alt.badge.img+7
    • TomH
    • New Contributor
    • Answer
    • October 19, 2015

    @Chuey You could also have a look at the AD Dynamic Data:

    Everything:

    defaults read /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS "last used servers"

    Just the last used Global Catalog server:

    /usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/Global Catalog:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist

    Just the last used DC: 

    /usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist

    Should output something like:

    { "/Active Directory/JIGSAWSYSTEMS/Global Catalog" = { Priority = 0; Weight = 100; flags = 1; host = "xxx-dc-01.jigsawsystems.internal"; port = 3268; }; "/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal" = { Priority = 0; Weight = 100; flags = 1; host = "xxx.jigsawsystems.internal"; port = 389; }; }
    xxx-dc-01.jigsawsystems.internal
    xxx.jigsawsystems.internal

    Basic EA would be: 

    #!/bin/sh
#Check AD Dynamic Data

if [ -f "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist" ]; then
    result=`/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist`
    echo "<result>$result</result>"
else
    echo "<result>Dynamic Data Missing</result>"
fi
fi
    C
    Forum|alt.badge.img+10
    • Chuey
    • Author
    • Valued Contributor
    • October 19, 2015

    Thanks @TomH. After tweaking this script works perfect and returns the information I was looking for

    T
    Forum|alt.badge.img+7
    • TomH
    • New Contributor
    • October 19, 2015

    @Chuey no problem, what did the final script look like as i didn't actually try that EA.

    Cheers,

    Tom

    C
    Forum|alt.badge.img+10
    • Chuey
    • Author
    • Valued Contributor
    • October 19, 2015

    @TomH I tweaked it and it looks like this now:

    #!/bin/sh
if [ -f "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/xxxx.plist" ]; then
    result=`/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/DCS/dcs.xxxx.net:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/xxxx.plist`

    echo "<result>$result</result>"
else
    echo "<result>Data Missing</result>"
fi
    Terms & ConditionsCookie settingsAccessibility statement