I have a Windows Server based network, running a Windows DHCP and DNS server. How can I list all the computers in the local network known to the server? That would mean querying either the DHCP or the DNS for all names and IP addresses.
I know I can see this information if I log on to the server in the DHCP MMC. But is there a way to do it from a different computer (not in the AD-domain), and without the administrative MMC snap-ins installed? Maybe a Powershell command or tool that I missed?
In a small subnet I can just use a portscanner, but that seems like a wrong solution when the information I want is sitting there on my server.
I discovered nslookup ls mydomain.local
, but this fails with "query refused". Is there maybe a way to pass credentials to it?