Ping a Specific Port

Question

jffalmeida

Asked: 2016-07-23 06:13:26 +0800 CST2016-07-23 06:13:26 +0800 CST 2016-07-23 06:13:26 +0800 CST

Windows Server 2008 R2 functional level - DSQUERY

772

After executing some queries (dsquery computer domainroot -stalepwd), using dsquery, I was told this command connects to the available DC and for this reason the results might be untruthful because the DC's do not replicate computer accounts password.

After some research I wasn’t able to understand if this true or not, meaning: When I'm using the command "dsquery computer domainroot -stalepwd" would the result take into account all the DC's information or the one I’m connecting to by default?

Thanks in advance!

JFA

1 Answers

Voted

Ryan Ries · Answer 1 · 2016-07-23T06:27:22+08:00

Best Answer

Ryan Ries

2016-07-23T06:27:22+08:002016-07-23T06:27:22+08:00

The command is accurate because it will search for computers whose password has not changed in the number of days that you specify. (By default, computers change their own passwords every 30 days as long as they're connected to the domain.)

Source

This information is replicated amongst domain controllers, in the pwdLastSet attribute, so assuming replication is healthy, it will be consistent throughout the domain. You will get the same answer no matter which DC you query.

According to MS-ADTS, pwdLastSet is urgently replicated.

3

Windows Server 2008 R2 functional level - DSQUERY

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?