通过 2 路林信任在多个林中搜索用户。
我有一个大型企业网络,有多个林(总共 5 个林)。其中一个森林与其他 4 个森林有双向森林信任。
我正在 .net 中构建一个网页,该网页需要能够在所有森林中搜索用户。我在林中创建了一个服务帐户,该帐户与其他 4 个林具有 2 种信任关系,并请求授予该帐户读取访问权限,以便能够搜索其他林中的域,但似乎无法获取任何搜索查询在任何其他森林上工作。
在过去的几天里,我一直在尝试在线研究这个问题,并且只看到了在林中的单个域中或使用全局目录在同一林中的多个域中搜索 AD 的解决方案。
有谁知道如何执行这种搜索,或者即使这是可能的?
I have a large enterprise network that has multiple forests (5 forests in total). One of these forests has a 2 way forest trust with the other 4 forests.
I am building a webpage in .net that is required to be able to search for users against all forests. I have a service account created in the forest that has the 2 way trusts with the other 4 forests and have requested that this account be granted read access to be able to search the domains in the other forests but cannot seem to get any search query to work on any of the other forests.
I have spent the last few days trying to research this online and have only seen solutions for searching AD in a single domain in the forest or across multiple domains in the same forest using the global catalogue.
Does anyone know how to perform this kind search or even if this is possible?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这应该可以通过 Phantom Root (http://msdn.microsoft.com/en-us/library/aa366988(VS.85).aspx) 搜索来实现。您应该获得其他四个森林(您的代码需要追踪)的推荐,以便完成完整的搜索。
This should be possible with a Phantom Root (http://msdn.microsoft.com/en-us/library/aa366988(VS.85).aspx) search. You should get referrals back for the four other forests (which your code will need to chase) in order to complete the full search.