Windows IT Pro Archived Blogs

Using AD Sites & Services To Find a DC’s DSA Object GUID, and Tech Ed

Last time I mentioned several ways to find a DC’s DSA object GUID, part of the CNAME (alias) the DC registers in its domain that uniquely identifies it to its replication partners. Today I’ll show you how to find it using Active Directory Sites and Services.

AD Sites and Services (DSSITE.MSC from the command line for the lazy among us) configures the sites, site links, and connection objects for your Active Directory forest. When you drill right down to the DCs you can find more interesting information like the current update sequence numbers (USNs), other object information, and the CNAME, or alias, the DC registers in DNS.

This is in the “DNS Alias” field, and note that this is the entire CNAME, which is the DSA object GUID (in this case 124B2B34-D3A3-428B-A593-4A6D62E01FFE) with the DNS suffiex ( appended to it. The nice thing about going into Sites and Services to get this alias is that if you scrape the alias from this field, you can simply paste it into a command prompt with a right-click (if you have Quick Edit enabled for the command prompt) after a “ping” command, and test whether it’s actually registered in DNS. The field here is populated by the DC object’s properties, not the DNS zone.)

The screen shot below shows you how to locate the DNS alias.


On a different note, I’ll be at Tech Ed in New Orleans this week. If you run into me, say hi! I’ll be all over the place, but will be visiting my friends in the Identity & Access area of the Expo on a regular basis.

On a DIFFERENT different note, we’ve set up an alias at Windows IT Pro that makes it a little bit easier to get to this blog. Just go to

Follow Sean on Twitter at @shorinsean.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.