Using LDAP query to get all the domains from all the forests in my company

  • Question

  • Foreword:

    I'm using two domain controllers (dc1 and dc2). I'm using a domain registered to the root domain dc1 and simply request all of the domains in its forest by performing a search in CN=Partitions,CN=Configuration,DC=dc1,dc=local.

    I can also get the root domain dns of my trusted forest (dc2) from the default naming context under "CN=System" by looking for an object of type "trustedDomain".

    The problem:

    The problem is that I can't see/find the other domains (children) of the root domain dc2 from the Active Directory information found in dc1. In order to get these domains I currently bind to this domain controller (dc2) and perform the same search as I did in the domain controller dc1 (CN=Partitions,CN=Configuration,DC=dc2,dc=local) to get all its children.

    Must I use this binding to each root domain in the other forests in order to request all of their domains? Is there a better way to do it? I read about referrals, which seem like a solution to my problem, but I'm not sure if they are and I'm not sure how they should be used.

    Note: I'm using the DirectoryEntry class in C#.

    • Edited by Guy Ziv Wednesday, January 28, 2015 12:54 PM
    Wednesday, January 28, 2015 12:46 PM
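
The procedure described in the question, written out as an added example that is not part of the original post: it reads the forest-trust partners from CN=System, then binds to each forest root and lists the domain crossRef objects in that forest's own Partitions container. The host name `dc1.local`, the class and helper names, and the two bitwise filters (systemFlags bit 0x2 for domain partitions, trustAttributes bit 0x8 for forest trusts) are assumptions of this sketch, and it runs with the caller's current credentials.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;

static class ForestDomains   // hypothetical name, not from the post
{
    // crossRef objects for domain partitions have FLAG_CR_NTDS_DOMAIN (0x2) in systemFlags.
    const string DomainCrossRefs =
        "(&(objectClass=crossRef)(systemFlags:1.2.840.113556.1.4.803:=2))";
    // Forest trusts have TRUST_ATTRIBUTE_FOREST_TRANSITIVE (0x8) in trustAttributes.
    const string ForestTrusts =
        "(&(objectClass=trustedDomain)(trustAttributes:1.2.840.113556.1.4.803:=8))";

    // One-level search under dn on the given server; returns the first value of attr per hit.
    static List<string> Query(string server, string dn, string filter, string attr)
    {
        var values = new List<string>();
        using (var root = new DirectoryEntry("LDAP://" + server + "/" + dn))
        using (var searcher = new DirectorySearcher(root, filter, new[] { attr }))
        {
            searcher.SearchScope = SearchScope.OneLevel;
            using (SearchResultCollection results = searcher.FindAll())
                foreach (SearchResult r in results)
                    if (r.Properties[attr].Count > 0)
                        values.Add(r.Properties[attr][0].ToString());
        }
        return values;
    }

    static string RootDse(string server, string attr)
    {
        using (var dse = new DirectoryEntry("LDAP://" + server + "/RootDSE"))
            return dse.Properties[attr].Value.ToString();
    }

    static void Main()
    {
        string local = "dc1.local"; // assumed DNS name of the local forest root
        var forests = new List<string> { local };
        // Trust partners are read from CN=System in the local default naming context.
        forests.AddRange(Query(local, "CN=System," + RootDse(local, "defaultNamingContext"),
                               ForestTrusts, "trustPartner"));
        foreach (string forest in forests)
        {
            // Each forest has its own Configuration partition, so the bind goes to that forest.
            string partitions = "CN=Partitions," + RootDse(forest, "configurationNamingContext");
            foreach (string dns in Query(forest, partitions, DomainCrossRefs, "dnsRoot"))
                Console.WriteLine(forest + ": " + dns);
        }
    }
}
```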

All replies