Hi everybody,

I am using the code given by Microsoft (link: https://www.microsoft.com/en-us/download/details.aspx?id=13082 & https://msdn.microsoft.com/en-us/library/office/dn467395(v=exchg.150).aspx#bk_CodeExample) for SCP Record Lookup. Both links have same implementation. It works when the program is run from a computer in domain. But fails when the program is run from a computer not in domain. Kindly help me in solving this problem. Ask for clarifications if needed.

Thanks & regards,

Amit Jha

• Edited by jha.amit6666 Saturday, April 18, 2015 1:58 PM

To lookup Active Directory you will need LDAP access to a Domain Controller and also Active Directory credentials. That code already allows you pass in the name of the DC you want to access so you only need to modify

 List<string> scpUrls = GetScpUrls(null, domain);

like

 List<string> scpUrls = GetScpUrls("DCServername.domain.com", domain);

Then you need to change the code for the DirectoryEntry class that to use the Username and password see https://msdn.microsoft.com/en-us/library/system.directoryservices.directoryentry.username%28v=vs.110%29.aspx

Cheers
Glen

• Proposed as answer by Jason Johnston [MSFT]Microsoft employee, Moderator Monday, April 20, 2015 1:33 PM
• Unproposed as answer by jha.amit6666 Thursday, April 23, 2015 1:47 PM

Hi Glen,

Using ADExplorer, I can login and search all containers in all three Active Directory.

More information:

Active directory is installed in the servers in colored boxes.

1) If I run the program for SCP Record Lookup, in child1.parent1.com for parent1.com domain, then everything is fine.

2) If I run the program for SCP Record Lookup, in child1.parent1.com for child2.parent1.com domain, then error is "There is no such object on the server."

3) If I run the program for SCP Record Lookup, in child1.parent1.com for parent2.com domain, then error is "A referral was returned from the server."

4) If I run the program for SCP Record Lookup, in child2.parent1.com for child2.parent1.com domain, then everything is fine.

5) If I run the program for SCP Record Lookup, in child2.parent1.com for parent1.com domain, then error is "A referral was returned from the server."

6) If I run the program for SCP Record Lookup, in child2.parent1.com for parent2.com domain, then error is "A referral was returned from the server."

7) If I run the program for SCP Record Lookup, in child.parent2.com for parent2.com domain, then everything is fine.

8) If I run the program for SCP Record Lookup, in child.parent2.com for parent1.com domain, then error is "A referral was returned from the server."

9) If I run the program for SCP Record Lookup, in child.parent2.com for child2.parent1.com domain, then error is "A referral was returned from the server."

• Edited by jha.amit6666 Wednesday, April 22, 2015 6:02 AM

Hi Glen,

I am searching Global Catalog Server. Here is the snapshot of one the server.

Kindly enlighten me on how to use DNS instead of SCP records.

In the code given in the links mentioned in the two links in the question in the beginning,

string configPath = rootDSE.Properties["configurationNamingContext"].Value as string;

works fine. But, errors are given by this code

System.DirectoryServices.DirectorySearcher.FindAll();

So, the problem is when we search the Active Directory.

• Edited by jha.amit6666 Wednesday, April 22, 2015 10:47 AM

Hi Luke,

I have logged in to ADExplorer using the credentials of the user in the corresponding Active Directory. The snapshot is attached as a reference.

Do I need to use LDAP API or Active Directory Service Interfaces to solve this problem, or will this problem be reproduced there also?

• Edited by jha.amit6666 Wednesday, April 22, 2015 5:23 PM

Hi Glen,

I used credentials in the code you suggested, and got "Logon failure: unknown user name or bad password." error.

I was using Autodiscover for Exchange, but it connects to the default domain. E.g., If I run the program in child1.parent1.com the Autodiscover sends request the default domain only. What if Exchange Server is installed in other domain? If Exchange Server is installed in other  domain, it will fail because we couldn't get Autodiscover URL, and subsequently we couldn't get EWS URL.

Here is the StackTrace of the exception when I get "A referral was returned from the server."

at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at System.DirectoryServices.DirectorySearcher.FindAll()
at ScpLookup.Program.GetScpUrls(String ldapServer, String domain) in c:\Users\user\Documents\Visual Studio 2013\Projects\SCPLookUp\SCPLookUp\Program.cs:line 94

Exception: System.DirectoryServices.DirectoryServicesCOMException

ExtendedError: 8235

ExtendedErrorMessage: "0000202B: RefErr: DSID-031007EF, data 0, 1 access points\n\tref 1: 'parent2.com'\n"

• Edited by jha.amit6666 Friday, April 24, 2015 5:25 AM

Its appears from that result you have an issue with your autodiscover configuration, this is really not a Development question anymore you need to talk to the people who are responsible for how and why the system is configured the way it is (and they may have a very valid reason for this so you may need to just come up with a workaround for your code).

Cheers
Glen