For Linux, this command should return the DNS record for the LDAP server
host -t srv _ldap._tcp.DOMAINNAME
(found at Authenticating from Java (Linux) to Active Directory using LDAP WITHOUT servername)
How could I get the same on the Windows command line using nslookup?
I tried
nslookup -type srv _ldap._tcp.DOMAINNAME
(following http://support.microsoft.com/kb/200525), would this be correct?
You need to use an = after -type:
nslookup -type=srv _ldap._tcp.DOMAINNAME
Replace DOMAINNAME with the actual name of the domain.
None of the above worked for me, I got every time an error like this (I've tried with all the combinations I can think of with the domain names):
*** Unknown can't find _ldap._tcp: Non-existent domain
So another google search pointed to this method:
nltest /dclist:yourdomain.com
And this results in the list of the different servers in my network. Hope this saves an additional 2 minutes for someone else.
Use Nslookup to verify the SRV records, follow these steps:
Click Start, and then click Run.
In the Open box, type cmd.
Type nslookup, and then press ENTER.
Type set type=all, and then press ENTER.
Type _ldap._tcp.dc._msdcs.Domain_Name, where Domain_Name is the name of your domain, and then press ENTER.
Get-ADDomainController will list your domain controllers from domain
If you want to check it from another domain then use -server switch.
get-addomaincontroller -server "domain"
Windows cmd prompt uses "query" instead of "type" for some forsaken reason. Interactive nslookup still uses "set type=srv".
nslookup -query=srv _ldap._tcp.DOMAINNAME
EDIT: while "query" works it seems that I am 100% wrong. "type" works too.
"nslookup -query=srv _ldap._tcp.DOMAINNAME" worked for me, tried nslookup -type=srv _ldap._tcp.DOMAINNAME and didn't work.
Server 2008 R2
