Finding all aliases for a server

Our network admin is away at the moment. I'm trying to find all aliases attached to a given server on our network (actually a number of servers)

After googling around it seems like nslookup might do this for me but it seems it doesn't.

All of these pretty much just behave like ping - they return the IP address of what I'm looking up

nslookup server
nslookup IPAddress
nslookup KnownAlias

I want a command where I can enter the host name and have it return all aliases defined for that server.

This is on windows on an internal network.

I suspect if I had an AD tool I could poke around in there. But there isn't a AD tool installed by default on our windows client (windows 7). Can anyone suggest a useful windows AD tool in windows 7, given that I don't have admin access?

Solution 1:

You can try this.

nslookup
>ls -a YOURDOMAINE

It will list all canonic names and aliases

nslookup
>ls -t CNAME

It will list all CNAME entries from your DNS

You must have authorized access with your account to run these commands

Hope it helps

Solution 2:

Assuming DNS runs on Windows, AD-integrated or not, use the DNS console on a DNS server. Sort A records by IP, and scroll around until you locate your server.

This will not tell you if individual clients have custom hosts entries for your server, but hopefully your DNS can be a "good enough" source of name records.