- Jamf Nation Community
- Products
- Jamf Pro
- Re: Check authenicated domain controller
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-16-2015 10:30 AM
Hello,
Thanks in advance for reading. I was hoping to create an EA that would report the domain controller the user authenticated against at the time of login. Is anyone currently doing something similar? I'd like to hear anyones thoughts on an efficient way to accomplish this. We have four domain controllers like DC01.dc.company.net so when I do a "dsconfigad -show" all you see is dc.company.net.
Any thoughts on this are appreciated.
Thank you in advance.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-19-2015 02:08 AM
@Chuey You could also have a look at the AD Dynamic Data:
Everything:
defaults read /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS "last used servers"Just the last used Global Catalog server:
/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/Global Catalog:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plistJust the last used DC:
/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plistShould output something like:
{ "/Active Directory/JIGSAWSYSTEMS/Global Catalog" = { Priority = 0; Weight = 100; flags = 1; host = "xxx-dc-01.jigsawsystems.internal"; port = 3268; }; "/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal" = { Priority = 0; Weight = 100; flags = 1; host = "xxx.jigsawsystems.internal"; port = 389; }; }
xxx-dc-01.jigsawsystems.internal
xxx.jigsawsystems.internal
Basic EA would be:
#!/bin/sh
#Check AD Dynamic Data
if [ -f "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist" ]; then
result=`/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist`
echo "<result>$result</result>"
else
echo "<result>Dynamic Data Missing</result>"
fi
fi
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-16-2015 01:19 PM
I know in Windows there's a way to do it for sure. On a Mac, I don't know off hand.
This works in dscl interactive mode:
In terminal type: "dscl" and then Enter (without quotes)
Type: "read Configure"
And you'll get the IP Address.
I can't quite figure it out without interactive mode though. There are other suggestions online about scanning with netstat -a and grepping out based on ports or traffic. But that seems like it's a big resource hog.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-17-2015 03:34 PM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-19-2015 02:08 AM
@Chuey You could also have a look at the AD Dynamic Data:
Everything:
defaults read /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS "last used servers"Just the last used Global Catalog server:
/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/Global Catalog:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plistJust the last used DC:
/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plistShould output something like:
{ "/Active Directory/JIGSAWSYSTEMS/Global Catalog" = { Priority = 0; Weight = 100; flags = 1; host = "xxx-dc-01.jigsawsystems.internal"; port = 3268; }; "/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal" = { Priority = 0; Weight = 100; flags = 1; host = "xxx.jigsawsystems.internal"; port = 389; }; }
xxx-dc-01.jigsawsystems.internal
xxx.jigsawsystems.internal
Basic EA would be:
#!/bin/sh
#Check AD Dynamic Data
if [ -f "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist" ]; then
result=`/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/JIGSAWSYSTEMS/jigsawsystems.internal:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/JIGSAWSYSTEMS.plist`
echo "<result>$result</result>"
else
echo "<result>Dynamic Data Missing</result>"
fi
fiOptions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-19-2015 07:23 AM
Thanks @TomH. After tweaking this script works perfect and returns the information I was looking for
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-19-2015 07:35 AM
@Chuey no problem, what did the final script look like as i didn't actually try that EA.
Cheers,
Tom
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-19-2015 10:17 AM
@TomH I tweaked it and it looks like this now:
#!/bin/sh
if [ -f "/Library/Preferences/OpenDirectory/DynamicData/Active Directory/xxxx.plist" ]; then
result=`/usr/libexec/PlistBuddy -c "print :last used servers:/Active Directory/DCS/dcs.xxxx.net:host:" /Library/Preferences/OpenDirectory/DynamicData/Active Directory/xxxx.plist`
echo "<result>$result</result>"
else
echo "<result>Data Missing</result>"
fi