I have a service running as NetworkService which tries to access a trusted AD server (we have tried both domain trust and forest trust), but there seems to be an issue with the AD server used. A wild guess is that I have to provide a server name and a valid user from the remote domain in the new LdapConnection, but I cannot find how to get a valid server name and user and password from the TrustRelationshipInformation.

The following code is executed on a machine in production.local, which has a two-way trust with test.local:

// No server name is passed to the connection.
using (LdapConnection Connection = new LdapConnection(""))
{
    SearchRequest Request = new SearchRequest("DC=test,DC=local", filter, System.DirectoryServices.Protocols.SearchScope.Subtree, allRequiredProperties);
    ...
    SearchResponse SearchResponse = (SearchResponse)Connection.SendRequest(Request);
}

and it throws the error

System.DirectoryServices.Protocols.DirectoryOperationException:
The server cannot handle directory requests

Alexander
  • What if you use PrincipalSearcher and not SearchRequest/SearchResponse: https://stackoverflow.com/a/7721756/3254405 – boateng Nov 21 '17 at 16:30
  • Pass ldapdirectoryidentifier with test.local domain into ldapconnection ctor and verify that the networkservice account has sufficient privileges in test.local domain – oldovets Nov 24 '17 at 10:25
  • @numbtongue I am not sure I can get Exchange AddressList objects through a PrincipalSearcher... – Alexander Nov 27 '17 at 18:08
  • @oldovets That worked. If you make that an answer, I will accept it. – Alexander Nov 27 '17 at 18:20
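
The approach from oldovets' comment, written out as an added example that is not code from the thread: the trusted domain is named through an `LdapDirectoryIdentifier` and the bind runs under the service's own identity. The class and method names are hypothetical, and the signing/sealing options are an added hardening assumption rather than something the comment mentions.

```csharp
using System;
using System.DirectoryServices.Protocols;

static class TrustedDomainSearch   // hypothetical helper, not from the thread
{
    public static SearchResponse Search(string domainDns, string baseDn,
                                        string filter, string[] attributes)
    {
        // Name the trusted domain explicitly instead of passing "". A domain
        // DNS name is resolved to a domain controller of that domain.
        var identifier = new LdapDirectoryIdentifier(domainDns);

        using (var connection = new LdapConnection(identifier))
        {
            // No credentials are supplied: Negotiate uses the process identity.
            // NetworkService authenticates on the network as the computer
            // account (PRODUCTION\<machine>$), so that account needs read
            // access to the searched objects in the trusted domain.
            connection.AuthType = AuthType.Negotiate;
            connection.SessionOptions.ProtocolVersion = 3;
            // Added hardening (an assumption, not from the thread): sign and
            // encrypt the LDAP session.
            connection.SessionOptions.Signing = true;
            connection.SessionOptions.Sealing = true;

            try
            {
                connection.Bind();   // surface auth failures before searching
                var request = new SearchRequest(baseDn, filter,
                                                SearchScope.Subtree, attributes);
                return (SearchResponse)connection.SendRequest(request);
            }
            catch (LdapException ex)
            {
                // Connection or authentication failure (no reachable DC, bind rejected).
                throw new InvalidOperationException(
                    $"LDAP bind to {domainDns} failed ({ex.ErrorCode}): {ex.ServerErrorMessage}", ex);
            }
            catch (DirectoryOperationException ex)
            {
                // The server answered but refused or could not process the request.
                throw new InvalidOperationException(
                    $"Search under {baseDn} failed: {ex.Response?.ResultCode}", ex);
            }
        }
    }
}
```

With the values from the question, the call would be `TrustedDomainSearch.Search("test.local", "DC=test,DC=local", filter, allRequiredProperties)`.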

0 Answers