tag:blogger.com,1999:blog-8539880144347728238.post4684004613811373044..comments2024-01-24T04:15:08.086-05:00Comments on Carnal0wnage Blog: AD Zone Transfers as a userUnknownnoreply@blogger.comBlogger1125tag:blogger.com,1999:blog-8539880144347728238.post-34528681478764322212014-04-05T22:34:00.327-04:002014-04-05T22:34:00.327-04:00The script hard-codes "CN=MicrosoftDNS,CN=Sys...The script hard-codes "CN=MicrosoftDNS,CN=System", but this will actually vary based on the replication scope defined for the zone. The AD Explorer screenshot above shows one of the alternate locations: "CN=MicrosoftDNS,DC=DomainDNSZones", which is also the configuration used on my current client engagement as well as my lab (I believe I used default configuration options). <br /><br />The replication scopes/possible locations are as follows:<br />All DNS servers in forest: CN=MicrosoftDNS,DC=ForestDNSZones<br />All DNS servers in domain: CN=MicrosoftDNS,DC=DomainDNSZones<br />All DCs in domain: CN=MicrosoftDNS,CN=System<br /><br />The latter option is apparently used for Win2k compatibility, so this may be in place for domains that have been upgraded over the years.<br /><br />Just FYI in case you or anyone else runs into this snag. As always, thanks for taking the time to share these techniques.AJhttps://www.blogger.com/profile/13361693714724565105noreply@blogger.com