Useful ldp queries

Just dumping useful ldp.exe queries as I come across/ think of them. Better to keep them here in one consolidated post for future reference …

Find all GCs in the forest

If a DC is a GC, its NTDS Setting object has an attribute called options whose value is 0x1. Not sure if a DC is a GC and something else, whether the value changes, but for now I’ll assume it doesn’t and so one can quickly search for all GCs in the forest by connecting to the Configuration partition and filtering by the following:

  • Filter: (&(cn=NTDS Settings)(options=1))
  • Base DN: CN=Configuration,DC=domainname
  • Attributes: distinguishedName
  • Scope: Subtree