Active Directory queries on all subdomains under root?

  • Question

  • User-355293749 posted
    Hi all,

    I am using C# 2.0.

    Here is my active directory setup:

    MAIN_DIRECTORY (root)
                     \ SUBDOMAIN1 -> [user1, user2]
                     \ SUBDOMAIN2 -> [user3, user4]

    From a machine in the SUBDOMAIN1, I want to query user information from all subdomains under the root.

    I am using the following code:
    DirectoryEntry oDirEntry = new DirectoryEntry(string.Format("LDAP://{0}", SUBDOMAIN_1_OR_2));
    string sSearchFilter = string.Format("(&(objectClass=user)(SAMAccountName={0}))", SOME_USERNAME);
    DirectorySearcher oDirSearcher = new DirectorySearcher(oDirEntry, sSearchFilter);
    oDirSearcher.SearchScope = SearchScope.Subtree;
    SearchResultCollection aoUsers = oDirSearcher.FindAll();

    This works fine when I explicitly query SUBDOMAIN1 with the users that are in that domain (user1, user2, ...) or SUBDOMAIN2 with the users from that domain (user3, user4, ...).
    My problem is that at runtime, I don't know what subdomain the users are from and I don't want to query all subdomains one after the other to find user information.
    Is there a way to query the entire directory (root) for users without knowing what subdomains they are in? If not, is there another better way to do this?
    Thanks.
    Friday, May 4, 2007 10:56 AM

All replies

  • User751577099 posted

    Have you tried searching with only the root, like this?

    LDAP://DC="<Name>"

    and keep SearchScope as Subtree. I think that will still search the whole directory.


    Tuesday, May 8, 2007 10:12 PM
  • User-355293749 posted

    Hi, thanks for your answer.

    What you suggested makes perfect sense, but when I tried it, I got the following error: "A referral was returned from the server." Any idea why I am getting this error, and of another way to achieve what I am trying to do?

    Thanks.

    Tuesday, May 29, 2007 11:13 AM
  • User1342629238 posted

    This may be totally incorrect, but I had been getting the same error lately (why, I don't know) when I was trying to connect as:

    string BaseOu = "OU=Staff,DC=myServer,DC=com,DC=au";
    string ADuser = "myUser";
    string ADpwd = "myPwd";
    DirectoryEntry entry = new DirectoryEntry("LDAP://" + BaseOu, ADuser, ADpwd);

    Now I have to specify the server DNS:

    string BaseOu = "OU=Staff,DC=myServer,DC=com,DC=au";
    string ADserver = @"myServer.com.au/";
    string ADuser = "myUser";
    string ADpwd = "myPwd";
    DirectoryEntry entry = new DirectoryEntry("LDAP://" + ADserver + BaseOu, ADuser, ADpwd);

    Now I don't have that error.


    Wednesday, May 30, 2007 9:04 PM
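
Added example, not part of the thread and not any poster's code: a domain controller holds only its own domain's partition, so a search based at another domain's naming context comes back as a referral, whereas the global catalog holds a partial replica of every domain in the forest and can answer the question's lookup in one query. The sketch below searches the global catalog and escapes the user name per RFC 4515 before placing it in the filter, which the `string.Format` filter in the question does not do. It assumes the process runs under a domain account in the forest; `ForestUserLookup`, `EscapeFilterValue` and `PrintUser` are hypothetical names.

```csharp
using System;
using System.DirectoryServices;
using System.DirectoryServices.ActiveDirectory;
using System.Text;
static class ForestUserLookup
{
    // Escape a value for use inside an LDAP search filter (RFC 4515), so
    // characters such as * ( ) \ in user input cannot change the filter.
    public static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }
    // One query against the global catalog instead of one query per domain.
    // The catalog carries only a subset of attributes for each object.
    public static void PrintUser(string samAccountName)
    {
        Forest forest = Forest.GetCurrentForest();
        using (GlobalCatalog gc = forest.FindGlobalCatalog())
        using (DirectorySearcher searcher = gc.GetDirectorySearcher())
        {
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                              + EscapeFilterValue(samAccountName) + "))";
            searcher.PropertiesToLoad.Add("distinguishedName");
            using (SearchResultCollection results = searcher.FindAll())
            {
                // sAMAccountName is unique per domain, not per forest,
                // so more than one entry can match.
                foreach (SearchResult r in results)
                    Console.WriteLine(r.Properties["distinguishedName"][0]);
            }
        }
    }
    static void Main(string[] args)
    {
        PrintUser(args.Length > 0 ? args[0] : "user3"); // "user3": sample name from the question
    }
}
```

The DC components of each returned distinguishedName identify the user's domain, which can then be bound to directly for attributes the global catalog does not replicate.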