I am a newbie with LDAP. I am trying to list all the NT Domain names. By NT Domain names I mean, the names of domains you would find on the LAN Network. You can observe this on windows xp machines when you try to log-on to that machine (i.e. the log-on dialog you get after hitting ctrl+alt+del). Usually we select the domain name in the last drop down, after typing credentials.
I've taken a look at this post, and couldn't make anything off it. I don't know what rootDSE
is. The code given in the post does it with rootdse. However, I have a specific server to hit and query, and I think its a domain controller. (I may be wrong on this). We write something like
LDAP://<domain_name>/dc=<domain>,dc=org
As given in the post i tried to look for a property named rootDomainNamingContext
. But I couldn't find it. Then I tried the below code:
Sub Main()
Dim oRoot As DirectoryEntry = Nothing
'Dim oSearcher As DirectorySearcher
'Dim oResults As SearchResultCollection
Try
oRoot = New DirectoryEntry("LDAP://<domain_name>/dc=<domain>,dc=org")
For Each obj As String In oRoot.Properties.PropertyNames
Console.Write(obj + ", ")
Next
Catch ex As Exception
Console.Write(ex.Message)
Finally
oRoot.Dispose()
End Try
Console.Read()
End Sub
I don't know what to specifically look for in the output I got. The output I got was:
objectClass, description, distinguishedName, instanceType, whenCreated, whenChan
ged, subRefs, uSNCreated, dSASignature, repsTo, repsFrom, uSNChanged, name, obje
ctGUID, replUpToDateVector, creationTime, forceLogoff, lockoutDuration, lockOutO
bservationWindow, lockoutThreshold, maxPwdAge, minPwdAge, minPwdLength, modified
CountAtLastProm, nextRid, pwdProperties, pwdHistoryLength, objectSid, uASCompat,
modifiedCount, auditingPolicy, nTMixedDomain, rIDManagerReference, fSMORoleOwne
r, systemFlags, wellKnownObjects, objectCategory, isCriticalSystemObject, gPLink
, gPOptions, masteredBy, ms-DS-MachineAccountQuota, msDS-Behavior-Version, msDS-
PerUserTrustQuota, msDS-AllUsersTrustQuota, msDS-PerUserTrustTombstonesQuota, ms
Ds-masteredBy, dc, nTSecurityDescriptor,
I really need guidance here.
I have used the code below to get the domains:
Dim dc As New DirectoryContext(DirectoryContextType.DirectoryServer, DcIpAddr)
Dim domc As DomainController = DomainController.GetDomainController(dc)
For Each dmn As Domain In domc.Forest.Domains
Console.WriteLine(dmn.Name)
Next
Now the issue is two fold. Firstly, the inconsistency in the domain names. Suppose my DC's DNS name is prod.domain.com
, and expected domain nams are for e.g. dev, domain, etc
. Instead I get dev.domain.org, domain.org, etc
. Some of the names which appear windows log-in dialog, when queried, appear with the suffix domain.org
; some have the suffix .org
.
The 2nd issue is not all the domain names (which appear in the windows log-in dialog, 3rd drop down) appear. Wonder why this is so?
Figure that the other domains (which are not appearing) may be part of another domain controller server or I need access the dc with appropriate credentials.
RootDSE is defined in LDAP clossary. the root DSE could be, in your case, LDAP://<domain_name>/dc=<domain>,dc=org
.
You should be able to get domains using the code on the other Stack Overflow question, if your AD server has rootDomainNamingContext defined. Since it seems you don't have that property, you'll need to iterate over the records to find the proper property. I'd suggest you go the the domain controller, either physically or via remote desktop, and open the AD directory and look for the entries and their properties to get a good view of what you need to query from VB. If you can't get access, ask your sysadmin.