Use of Forest.GetCurrentForest in RODC environment
https://stackoverflow.com/questions/9079061
-
05-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianسؤال
I've got a problem with using Forest.GetCurrentForest() method when communicating with a Read-only domain controller.
The exception thrown is:
System.DirectoryServices.ActiveDirectory.ActiveDirectoryServerDownException: The server is not operational.
Note: Everything works fine when communicating with a RWDC.
Previously, to fix other issues when communicating with a RODC, we had to modify the way we created DirectoryEntry objects, making use of the AuthenticationType.ReadOnlyServer flag. However I've seen (using reflector) that the GetCurrentForest() method creates its own DirectoryEntry object using a Utils class, which in turn uses a DefaultAuthType.
So, my question is: Does anyone know how to set/modify the DefaultAuthType so that it can return the required authentication type? Is there a better way to do this? The aim of this piece of code is simply to get the list of available domains visible to the server.
Thanks,
Ben
المحلول
Well, doesn't seem like there's an easy answer to this. In the end we rewrote the code to not use the Domain/Forest objects...
نصائح أخرى
What I do to "overcome" this issue was, I first try to get the Forest.GetCurrentForest(), and if exception thrown, I then use Domain.GetComputerDomain() for last solution, of cause, the list now only contain the domain that the web server joined.
