Active Directory and Pre Windows 2000 infos
Hi
I access a Windows 2003 Active Directory with Java. This works.
Before Windows 2000 Windows holds the users in a SAM. There was a domain (for all users the same) and a user name any user. For example TESTDOMAIN\testuser.
Until Windows 2000 the user in a Windows Domain are managed in an Active Directory which can be accessed by LDAP. In an Active Directory the domain has a name like testdomain.local. You can login in Windows with TESTDOMAIN\testuser (old; testuser is stored in the sAMAccountName) or testuser@testdomain.local (new; is stored in the userPrincipalName attribute) for the same user. The question is where in the Active Directory the old domain name (TESTDOMAIN) can be found.
Peter
[734 byte] By [
pefea] at [2007-10-2 20:11:52]
Perhaps one day I should draw an "Entity Relationship" diagram for Active Directory :-)
First thing to do is retrieve is the list of naming contexts held by the domain controller.
If you bind to the RootDSE (essentially a table of contents for a LDAP Directory) you can retrieve the list of naming contexts held on an Active Directory Domain controller.
For example my domain controller holds the following contexts:
root domain naming context: dc=antipodes, dc=com
default naming context: dc=antipodes, dc=com
schema naming context cn=schema,cn=configuration,dc=antipodes,dc=com
and
configuration naming context cn=configuration,dc=antipodes,dc=com
If you then navigate to the configuration naming context and perform a search for objectClass = crossRef you will find several objects representing the domains in your forest.
The interesting attributes of the crossRef objectClass are:
netBIOS Name: this is the downlevel domain name that you were personally interested in
dnsRoot : the fully qualified dns name of the domain
ncName: the distinguished name of the domain
Good luck.
