A referral was returned from the server exception when accessing AD from C

Question

DirectoryEntry oDE   new DirectoryEntry  LDAP   DC Test1 DC Test2 DC gov DC lk     using  DirectorySearcher ds   new DirectorySearcher oDE         ds PropertiesToLoad Add  name        ds PropertiesToLoad Add  userPrincipalName         ds Filter      amp  objectClass user          SearchResultCollection results   ds FindAll         foreach  SearchResult result in results                Console WriteLine   0  -  1                result Properties  name   0  ToString                result Properties  userPrincipalName   0  ToString               On the SearchResultCollection results   ds FindAll    line I get an exception      A referral was returned from the server   Why do I get that exception and what does it mean

User · Answer

Probably the path you supplied was not correct  Check that  I would recomment the article Howto   Almost  Everything In Active Directory via C  which really helped me in the past in dealing with AD

User · Answer

A referral was returned from the server error usually means that the IP address is not hosted by the domain that is provided on the connection string   For more detail  see this link   Referral was returned AD Provider  To illustrate the problem  we define two IP addresses hosted on different domains   IP Address DC Name Notes  172 1 1 10 ozkary com Production domain  172 1 30 50 ozkaryDev com Development domain  If we defined a LDAP connection string with this format   LDAP   172 1 1 10 389 OU USERS DC OZKARYDEV DC COM  This will generate the error because the IP is actually on the OZKARY DC not the OZKARYDEV DC  To correct the problem  we would need to use the IP address that is associated to the domain

User · Answer

A referral is sent by an AD server when it doesn t have the information requested itself  but know that another server have the info  It usually appears in trust environment where a DC can  refer to a DC in trusted domain   In your case you are only specifying a domain  relying on automatic lookup of what domain controller to use  I think that you should try to find out what domain controller is used for the query and look if that one really holds the requested information   If you provide more information on your AD setup  including any trusts subdomains  global catalogues and the DNS resource records for the domain controllers it will be easier to help you

User · Answer

This is the answer for the question Reason for the cause is my LDAP string was wrong       try               string adServer   ConfigurationManager AppSettings  Server            string adDomain   ConfigurationManager AppSettings  Domain            string adUsername   ConfigurationManager AppSettings  AdiminUsername            string password   ConfigurationManager AppSettings  Password            string   dc   adDomain Split               string dcAdDomain   string Empty           foreach  string item in dc                        if  dc dc Length - 1  Equals item                   dcAdDomain   dcAdDomain    DC     item              else                 dcAdDomain   dcAdDomain    DC     item                           DirectoryEntry de   new DirectoryEntry  LDAP       adServer     CN Users     dcAdDomain  adUsername  password            DirectorySearcher ds   new DirectorySearcher de            ds SearchScope   SearchScope Subtree           ds Filter      amp  objectClass User  sAMAccountName     username                  if  ds FindOne      null              return true            catch  Exception ex                ExLog ex             return false

User · Answer

You may also need to enable ReferralChasing on the DirectorySearcher - http   msdn microsoft com en-us library ms180884 VS 80  aspx

User · Answer

In my case I was seeing referrals when I was accessing AD via SSO with an account in a trusted domain   The problem went away when I connected with explicit credentials in the local domain   i e  I replaced  DirectoryEntry de   new DirectoryEntry  blah com      with  DirectoryEntry de   new DirectoryEntry  blah com    someguy blah com    supersecret      and the problem went away

User · Answer

I know this might sound silly  but I recently came across this myself  Make sure the domain controller is not read-only

User · Answer

Had the same issue and managed to resolve it    In my case  I had an AD group in the current logon domain with members  users  from a sub domain  The server that I was running the code on could not access the domain controller of the sub domain  the server had never needed to access the sub domain before    I struggled for a while as my desktop PC could access the domain so everything looked OK in the MMC plugin  Active Directory Users  amp  Computers    Hope that helps someone else

[c#] "A referral was returned from the server" exception when accessing AD from C#

Examples related to c#

Examples related to active-directory