>First is there a way to retrieve each domain name, using winnt: doesn't
work
Nope. The WinNT provider is the legacy provider, there was no concept of
forests. You can use the LDAP provider to get the config container and then
query the crossref objects in the config container.
> if I use GC, I can read information on all objects, but how can I limit it
> so I can query only 1 domain at a time. If I use DC I have to query a
different
> DC for each domain.
In general you set the base of your query to the domain you want. The issue
can come in with child and grandchild domains such as
root.com
child.root.com
grandchild.child.root.com
A subtree search of root on a GC will search child and grandchild as well. A
subtree search of child.root.com will search grandchild as well. At that
point, you need to scope your query tighter (i.e. focus on specific ou's) or
hit a DC for the specific domain and use the LDAP port, not the GC port.
joe
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jason Benway
Sent: Wednesday, January 26, 2005 1:36 PM
To: '[email protected]'
Subject: [ActiveDir] OT: limiting ldap query to single domain
We have a large flat AD forest, with separate name spaces
(a.com,b.com,c.com,etc)
I have a few script questions.
First is there a way to retrieve each domain name, using winnt: doesn't work
Second, if I use GC, I can read information on all objects, but how can I
limit it so I can query only 1 domain at a time. If I use DC I have to query
a different DC for each domain.
Thanks,jb
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
