How to Get a List of Domains on Your Network Using Windows API

If you’re a network administrator or a developer working with Active Directory, you may frequently need to retrieve a list of domains present in your network. Whether for monitoring purposes, managing resources, or ensuring proper security protocols, having access to domain information is essential. In this blog post, we’ll explain how to accomplish this task using the Windows API with LDAP queries.

Understanding the Problem

To get a list of all the domains on your network, you'll typically query Active Directory. The challenge lies in using the correct protocol and queries to extract this information effectively. Fortunately, the task can be accomplished with just a little scripting!

The Solution

Using VBScript with LDAP Queries

One of the most streamlined ways to fetch domain information is by using VBScript combined with LDAP (Lightweight Directory Access Protocol) queries. Below, we’ll guide you through a sample script that can be executed on any machine connected to the network where Active Directory is in use.

Sample VBScript Code

Here’s the script you can use to retrieve the list of domains:

' This VBScript code gets the list of the domains contained in the 
' forest that the user running the script is logged into

' ---------------------------------------------------------------
' From the book "Active Directory Cookbook" by Robbie Allen
' Publisher: O'Reilly and Associates
' ISBN: 0-596-00466-4
' Book web site: http://rallenhome.com/books/adcookbook/code.html
' ---------------------------------------------------------------

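' RootDSE exposes rootDomainNamingContext, the DN of the forest root domain
set objRootDSE = GetObject("LDAP://RootDSE")

' ADO LDAP dialect: <base>;filter;attributes;scope
' GC:// sends the search to a global catalog server
strADsPath =  "<GC://" & objRootDSE.Get("rootDomainNamingContext") & ">;;"
strFilter  = "(objectcategory=domainDNS);"
strAttrs   = "name;"
strScope   = "SubTree"

set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
set objRS = objConn.Execute(strADsPath & strFilter & strAttrs & strScope)

' MoveFirst raises an error on an empty recordset, so check EOF first
If Not objRS.EOF Then objRS.MoveFirst
while Not objRS.EOF
    Wscript.Echo objRS.Fields(0).Value
    objRS.MoveNext
wend

' Release the recordset and the connection
objRS.Close
objConn.Close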

Breakdown of the Script

  1. Initialize LDAP Connection:

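    • The script starts by binding to RootDSE with GetObject("LDAP://RootDSE").
    • RootDSE is the directory server's root entry. It exposes attributes that describe the directory, including rootDomainNamingContext, the distinguished name of the forest root domain.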
  2. Set Path and Query Filters:

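    • strADsPath: Builds a GC:// path rooted at the forest root naming context, so the search runs against the global catalog and covers every domain in the forest, not only the domain of the logged-on user.
    • strFilter: Specifies the type of objects to search for; in this case, only domains (objects whose objectCategory is domainDNS).
    • strAttrs and strScope: Return only the name attribute and search the whole subtree below the base path.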
  3. Establish Connection:

    • The connection to Active Directory is established using ADODB.Connection.
  4. Execute the Query:

    • The Active Directory query is executed, and results are stored in a recordset object.
  5. Display Results:

    • The script iterates through the recordset, displaying each domain name until all entries have been shown.
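
The same global catalog search in PowerShell, as an added example that is not part of the original post or the book it quotes. The function names Get-ForestDomain and ConvertTo-DnsName are hypothetical. It goes one step beyond the script: the name attribute holds only the leftmost label of a domain (for example "emea"), so the example also derives the full DNS name from each distinguishedName.

```powershell
# Added example: enumerate the forest's domains through the global catalog.
function ConvertTo-DnsName {
    # Hypothetical helper: DC=emea,DC=corp,DC=example,DC=com -> emea.corp.example.com
    param([Parameter(Mandatory)][string]$DistinguishedName)
    $labels = foreach ($rdn in $DistinguishedName -split ',') {
        if ($rdn.Trim() -match '^DC=(.+)$') { $Matches[1] }
    }
    $labels -join '.'
}

function Get-ForestDomain {
    # RootDSE gives the DN of the forest root domain, as in the VBScript version
    $rootDse    = [ADSI]'LDAP://RootDSE'
    $forestRoot = [string]$rootDse.Properties['rootDomainNamingContext'].Value
    if (-not $forestRoot) { throw 'Could not read rootDomainNamingContext from RootDSE.' }

    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.SearchRoot  = [ADSI]"GC://$forestRoot"          # global catalog, whole forest
    $searcher.Filter      = '(objectCategory=domainDNS)'      # same filter as the script
    $searcher.SearchScope = [System.DirectoryServices.SearchScope]::Subtree
    $searcher.PageSize    = 500                               # paged search for large forests
    $searcher.PropertiesToLoad.AddRange([string[]]('name', 'distinguishedName'))

    $results = $searcher.FindAll()
    try {
        # An empty result set simply produces no output
        foreach ($r in $results) {
            # Property names in a search result are lower-cased
            $dn = [string]$r.Properties['distinguishedname'][0]
            [pscustomobject]@{
                Name              = [string]$r.Properties['name'][0]
                DnsName           = ConvertTo-DnsName $dn
                DistinguishedName = $dn
            }
        }
    }
    finally {
        # FindAll holds unmanaged resources until disposed
        $results.Dispose()
        $searcher.Dispose()
    }
}

Get-ForestDomain | Sort-Object DnsName | Format-Table -AutoSize
```

Like the VBScript, it runs in the context of the logged-on user on a domain-joined machine and needs no additional modules.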

Additional Resources

For those who prefer working within the C# environment, this C# version is also available. This alternative can provide similar results with potentially different implementation considerations.

Conclusion

Retrieving a list of domains on your network is a straightforward process when utilizing the Windows API alongside LDAP queries. By using the provided VBScript code, you can quickly and effectively gather the necessary data, enhancing your ability to manage Active Directory resources. If you’re looking for additional performance or features, consider exploring the C# alternative for a more robust solution.

Now you’re equipped with the tools to manage your network’s domains efficiently. Try implementing the above code, and you’ll see how powerful scripting can be in network management!