    // Bind to the target domain with explicit credentials.
    using (PrincipalContext Context = new PrincipalContext(ContextType.Domain, DomainURL, UserName, Password))
    {
        // Query-by-example filter: match users on first and last name.
        UserPrincipal Account = new UserPrincipal(Context);
        Account.GivenName = strFirstName;
        Account.Surname = strLastName;
        PrincipalSearcher srch = new PrincipalSearcher(Account);
        foreach (var principal in srch.FindAll())
        {
            var p = (UserPrincipal)principal;
            String FirstName = p.GivenName;
            String LastName = p.Surname;
        }
    }
If I use the code above to query Active Directory and the UserName (account) passed in the PrincipalContext constructor is in a domain that has no trust with the target domain (the domain to be queried), I get the error below.
System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
Would I be correct to assume that if the PrincipalContext construct was changed to,
    using (PrincipalContext ctx = new PrincipalContext(ContextType.Machine))
the code would execute successfully as long as the client is in the target domain?
Let's assume the first code with UserName and Password was called by a client in domain A trying to search for user info in domain B. Here, establishing the context failed because the account used is in domain A, which has no trust with domain B.
Am I correct to assume that if I change the ContextType to Machine, and the client calling the code is in domain B, the code would execute successfully?
No, that would not be a correct assumption. ContextType.Machine means that you want to work with local accounts. Your PrincipalSearcher will end up searching the local SAM database rather than Active Directory.
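
To see which store each context type binds to, the following added example (not part of the original question or answer) lists a few accounts from a `ContextType.Machine` context and from a parameterless `ContextType.Domain` context. It assumes a Windows host with a reference to System.DirectoryServices.AccountManagement; the class name `ContextTypeDemo` and helper `ListUsers` are hypothetical, and the domain call uses the identity and domain of the process that runs it.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

static class ContextTypeDemo
{
    // Prints the store the context is bound to and up to `max` account names from it.
    static void ListUsers(PrincipalContext ctx, int max)
    {
        Console.WriteLine($"Store: {ctx.ContextType}, server: {ctx.ConnectedServer}");
        using (var filter = new UserPrincipal(ctx))            // no properties set: match all users
        using (var searcher = new PrincipalSearcher(filter))
        using (var results = searcher.FindAll())
        {
            int shown = 0;
            foreach (Principal p in results)
            {
                Console.WriteLine($"  {p.SamAccountName}");
                if (++shown >= max) break;
            }
        }
    }

    static void Main()
    {
        // Machine context: the search runs against the local SAM database,
        // so only local accounts of this computer are returned.
        using (var local = new PrincipalContext(ContextType.Machine))
            ListUsers(local, 5);

        // Domain context without name or credentials: binds to the domain of the
        // current process identity, so no cross-domain trust is involved.
        try
        {
            using (var domain = new PrincipalContext(ContextType.Domain))
                ListUsers(domain, 5);
        }
        catch (PrincipalServerDownException ex)
        {
            // Same exception as in the question: no domain controller could be contacted.
            Console.WriteLine($"No domain controller reachable: {ex.Message}");
        }
    }
}
```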