How can I programmatically get the root of an Active Directory Forest via C#


My customer has a huge Active Directory forest. Example:

root

company.com   de.company.com   us.company.com   in.company.com   xx.company.com 

When I get the current user, I get domainname\username. When I grab the domain name, I want to search in that domain for other users around the world, but I can't, because I need to know company.com for the directory search.

Is there a way in C# to get the root object when I use DirectorySearcher, or is there another C# method to query the AD?

The root forest name can be obtained from the RootDSE partition. Look at the rootDomainNamingContext attribute. It will return the forest root domain. I do not recommend extracting the forest name from the user DN, as that will not work if you have 2 domain trees in 1 forest. The second option is to search for users in the global catalog of the current domain. The global catalog contains a partial replica of users from the entire forest.

The code below performs a search on the global catalog. I have 2 domains in my forest, so it returns me 2 users. Be aware that you will have to deal with multiple results being returned:

        // Namespaces required by this snippet
        using System.Collections.Generic;
        using System.DirectoryServices.ActiveDirectory;
        using System.DirectoryServices.Protocols;
        using System.Linq;

        // Locate a global catalog server for the current forest
        var forest = Forest.GetCurrentForest();
        var globalCatalog = GlobalCatalog.FindOne(new DirectoryContext(DirectoryContextType.Forest, forest.Name));

        // 3268 is the global catalog LDAP port
        using (var connection = new LdapConnection(new LdapDirectoryIdentifier(globalCatalog.Name, 3268)))
        {
            var entries = new List<SearchResultEntry>();

            // An empty base DN on the global catalog searches the whole forest
            var searchRequest = new SearchRequest(string.Empty, "(sAMAccountName=administrator)", SearchScope.Subtree, null);
            var searchOptionsControl = new SearchOptionsControl(System.DirectoryServices.Protocols.SearchOption.DomainScope);

            searchRequest.Controls.Add(searchOptionsControl);

            // Request results in pages of 1000 entries
            var pageResultRequestControl = new PageResultRequestControl(1000);

            searchRequest.Controls.Add(pageResultRequestControl);

            do
            {
                var response = (SearchResponse)connection.SendRequest(searchRequest);

                if (response != null)
                {
                    if (response.ResultCode != ResultCode.Success)
                    {
                        throw new ActiveDirectoryOperationException(response.ErrorMessage, (int)response.ResultCode);
                    }

                    // Carry the paging cookie over to the next request
                    foreach (var c in response.Controls.OfType<PageResultResponseControl>())
                    {
                        pageResultRequestControl.Cookie = c.Cookie;
                        break;
                    }

                    entries.AddRange(response.Entries.Cast<SearchResultEntry>());
                }
            }
            // An empty cookie means the last page has been read
            while (pageResultRequestControl.Cookie != null && pageResultRequestControl.Cookie.Length > 0);
        }

Several notes on the code:

1. Of course, this code is not production code. You can write a more general LdapSearcher; an example of one can be found here. You can make a synchronous version of this searcher if needed.
2. I recommend using LdapConnection instead of DirectorySearcher in service-based applications, because using DirectorySearcher in an enterprise environment leads to memory leaks and other issues.
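
The first option from the answer, reading rootDomainNamingContext from RootDSE, as an added example that is not part of the original post. The class and method names are hypothetical, and the code assumes a domain-joined machine and an account that can bind to a domain controller with its current credentials.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Linq;

static class ForestRoot   // hypothetical helper, not from the original post
{
    // Reads rootDomainNamingContext from RootDSE. A null server asks the LDAP
    // client to locate a domain controller itself (assumes a domain-joined host).
    public static string GetRootNamingContext(string server = null)
    {
        using (var connection = new LdapConnection(new LdapDirectoryIdentifier(server, 389)))
        {
            // RootDSE is the entry with an empty DN, read with a base-scope search.
            var request = new SearchRequest(string.Empty, "(objectClass=*)",
                SearchScope.Base, "rootDomainNamingContext");
            var response = (SearchResponse)connection.SendRequest(request);

            if (response.Entries.Count != 1 ||
                !response.Entries[0].Attributes.Contains("rootDomainNamingContext"))
            {
                throw new InvalidOperationException("RootDSE did not return rootDomainNamingContext.");
            }

            var values = response.Entries[0].Attributes["rootDomainNamingContext"]
                .GetValues(typeof(string));
            return (string)values[0];
        }
    }

    // Converts "DC=company,DC=com" to "company.com". Domain naming contexts
    // consist of DC components only, so a plain split on ',' is sufficient here.
    public static string ToDnsName(string namingContext)
    {
        var labels = namingContext.Split(',')
            .Select(part => part.Trim())
            .Where(part => part.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
            .Select(part => part.Substring(3));
        return string.Join(".", labels);
    }

    static void Main()
    {
        string rootDn = GetRootNamingContext();
        Console.WriteLine($"Forest root DN:  {rootDn}");
        Console.WriteLine($"Forest root DNS: {ToDnsName(rootDn)}");
    }
}
```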

