Testing whether a client is part of an AD
Say your AD Site is ‘AVARMA’ – and you are trying to figure out if the following IP address is assigned to that site
Doing this on the local client
“gpresult /r” or “NLTEST /dsgetsite“
Doing this on any AD computer
Test whether it is part of the domain –
- nltest /DSADDRESSTOSITE: (Hit Enter)
- nltest /DSADDRESSTOSITE:10.10.1.104
Retrieve the site-subnet mapping for ‘10.10.1.104’ from ‘\\DC01.DOMAIN.COM’.
10.10.10.100 AVARMA 10.10.10.0/24
This will tell you whether it is assigned to the AD site AVARMA – and the appropriate subnet mapping
Audit Trail on Domain Controller – DNS Events Audit
Event viewer>Applications and Services logs>Microsoft>windows>DNS-Server>Audit
If you do not see a DNS-server component, enable DNS record auditing manually.
Right-click DNS Server, point to View, and then click “Show Analytic and Debug Logs“. Right-click Analytical and then click on Properties. Confirm the “Enable logging” check box is selected.
Restoring an entire Deleted Site
https://blogs.technet.microsoft.com/askds/2010/08/12/using-ad-recycle-bin-to-restore-deleted-dns-zones-and-their-contents-in-windows-server-2008-r2/
Restoring a Deleted AD Zone
Get-ADObject -Filter {displayName -eq “mylocal.site”} -IncludeDeletedObjects | Restore-ADObject
Restore a Deleted AD Object
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd379509(v=ws.10)?redirectedfrom=MSDN
Leave a Reply