How does one connect to the RootDSE and/or retrieve highestCommittedUSN with System.DirectoryServices.Protocols?

Question

Using System.DirectoryServices, one can get the highestCommittedUSN this way:

using(DirectoryEntry entry = new DirectoryEntry("LDAP://servername:636/RootDSE"))
{
     var usn = entry.Properties["highestCommittedUSN"].Value;
}

However, I need to get this information from a remote ADLDS using System.DirectoryServices.Protocols, which does not leverage ADSI. Following is a simplified code sample of what I'm attempting to do:

using(LdapConnection connection = GetWin32LdapConnection())
{
     var filter = "(&(highestCommittedUSN=*))";
     var searchRequest = new SearchRequest("RootDSE", filter, SearchScope.Subtree, "highestCommittedUSN");
     var response = connection.SendRequest(searchRequest) as SearchResponse;
     var usn = response.Entries[0].Attributes["highestCommittedUSN"][0];
}

Unfortunately this kicks back a "DirectoryOperationException: The distinguished name contains invalid syntax." At first I thought there might be something wrong in GetWin32LdapConnection() but that code is called in numerous other places to connect to the directory and never errors out.

Any ideas?

Answer 1

Thanks for the idea, Zilog. Apparently to connect to the RootDSE, you have to specify null for the root container. I also switched the filter to objectClass=* and the search scope to "base." Now it works!

using(LdapConnection connection = GetWin32LdapConnection())
{
 var filter = "(&(objectClass=*))";
 var searchRequest = new SearchRequest(null, filter, SearchScope.Base, "highestCommittedUSN");
 var response = connection.SendRequest(searchRequest) as SearchResponse;
 var usn = response.Entries[0].Attributes["highestcommittedusn"][0];
}

I hope this saves someone else some time in the future.