We have a domain with over 80 other "Trusted" domains attached. This means that some of our groups are cross-linked, with users from one domain in groups on another domain, etc. I have written a script that creates lists of users from a certain set of groups on one of the domains, but some of them are from other domains, so I just get the Foreign Identifier. I need to link this to the other domains, but I need the SID of each domain.
Is there a PHP equivalent of Win32's DsEnumerateDomainTrusts? I don't want to have to write out all the SIDs by hand, and then keep updating them manually when new domains are added, or old ones are removed.
You can do an LDAP query for trustedDomain objects in the System container of the domain. For me, the domain's SID is in the securityIdentifier attribute.
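The query described in this answer, sketched in PHP as an added example (not code from the original posts). It assumes a connected and bound `ext-ldap` link, 64-bit PHP, and that the `trustPartner` attribute is used as the display name; the base DN, the function names and the sample SID values are constructed placeholders. `securityIdentifier` is returned as a binary SID, so it has to be decoded before it can be compared with the SID in a foreign security principal.

```php
<?php
// Decode a binary SID (securityIdentifier / objectSid) into S-1-5-21-... form.
function sid_to_string(string $bin): string
{
    $count = strlen($bin) >= 8 ? ord($bin[1]) : -1;            // sub-authority count
    if ($count < 0 || strlen($bin) !== 8 + 4 * $count) {
        throw new InvalidArgumentException('malformed binary SID');
    }
    $auth = unpack('J', "\x00\x00" . substr($bin, 2, 6))[1];   // 48-bit, big-endian
    $subs = $count ? unpack('V*', substr($bin, 8)) : [];       // 32-bit, little-endian
    return 'S-' . ord($bin[0]) . '-' . $auth . ($subs ? '-' . implode('-', $subs) : '');
}

// Return [domain SID string => trust partner name] for every trustedDomain object.
// $domainDn is the naming context of your own domain, e.g. "DC=example,DC=com".
function trusted_domain_sids($ldap, string $domainDn): array
{
    $res = ldap_search($ldap, 'CN=System,' . $domainDn,
        '(objectClass=trustedDomain)', ['trustPartner', 'securityIdentifier']);
    if ($res === false) {
        throw new RuntimeException(ldap_error($ldap));
    }
    $map = [];
    $entries = ldap_get_entries($ldap, $res);   // attribute names come back lowercased
    for ($i = 0; $i < $entries['count']; $i++) {
        $e = $entries[$i];
        if (isset($e['securityidentifier'][0])) {
            $sid = sid_to_string($e['securityidentifier'][0]);
            $map[$sid] = $e['trustpartner'][0] ?? $e['dn'];
        }
    }
    return $map;
}

// A user SID is the domain SID plus a trailing RID, so drop the last component.
function domain_for_sid(string $sid, array $map): ?string
{
    $domainSid = substr($sid, 0, (int) strrpos($sid, '-'));
    return $map[$domainSid] ?? null;
}

// Offline demo with a constructed binary SID; no directory is contacted here.
$bin = "\x01\x04\x00\x00\x00\x00\x00\x05" . pack('V4', 21, 1111111111, 2222222222, 3333333333);
$map = [sid_to_string($bin) => 'partner.example'];   // stands in for trusted_domain_sids()
echo sid_to_string($bin), PHP_EOL;
echo domain_for_sid(sid_to_string($bin) . '-1105', $map), PHP_EOL;
```

Calling `trusted_domain_sids()` on each run keeps the SID list in step with trusts being added or removed, which avoids the hand-maintained list the question wants to get rid of.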