Listing all domains in a forest

These snippets of code shows how to search Active Directory using LDAP to return all domains in the current Forest (based on current authentication).

For VB and C# a reference to System.DirectoryServices is required within the project.

C# .NET

// Connect to RootDSE  
DirectoryEntry RootDSE = new DirectoryEntry("LDAP://rootDSE");

// Retrieve the Configuration Naming Context from RootDSE  
string configNC = RootDSE.Properties["configurationNamingContext"].Value.ToString();

// Connect to the Configuration Naming Context  
DirectoryEntry configSearchRoot = new DirectoryEntry("LDAP://" + configNC);

// Search for all partitions where the NetBIOSName is set.  
DirectorySearcher configSearch = new DirectorySearcher(configSearchRoot);  
configSearch.Filter = ("(NETBIOSName=*)");

// Configure search to return dnsroot and ncname attributes  
configSearch.PropertiesToLoad.Add("dnsroot");  
configSearch.PropertiesToLoad.Add("ncname");  
SearchResultCollection forestPartitionList = configSearch.FindAll();

// Loop through each returned domain in the result collection  
foreach (SearchResult domainPartition in forestPartitionList)  
{  
    // domainName like "domain.com". ncName like "DC=domain,DC=com"  
    string domainName = domainPartition.Properties["dnsroot"][0].ToString();  
    string ncName = domainPartition.Properties["ncname"][0].ToString();  
}

PowerShell

# Connect to RootDSE
$rootDSE = [ADSI]"LDAP://RootDSE"

# Connect to the Configuration Naming Context
$configSearchRoot = [ADSI]("LDAP://" + $rootDSE.Get("configurationNamingContext"))

# Configure the filter
$filter = "(NETBIOSName=*)"

# Search for all partitions where the NetBIOSName is set 
$configSearch = New-Object DirectoryServices.DirectorySearcher($configSearchRoot, $filter)

# Configure search to return dnsroot and ncname attributes
$null = $configSearch.PropertiesToLoad.Add("dnsroot")
$null = $configSearch.PropertiesToLoad.Add("ncname")
$configSearch.FindAll() | Select-Object @{n="dnsroot";e={ $_.Properties.dnsroot }},
    @{n="ncname";e={ $_.Properties.ncname }}

VB .NET

' Connect to RootDSE
Dim RootDSE As New DirectoryEntry("LDAP://rootDSE")

' Retrieve the Configuration Naming Context from RootDSE
Dim configNC As String = RootDSE.Properties("configurationNamingContext").Value.ToString()

' Connect to the Configuration Naming Context
Dim configSearchRoot As New DirectoryEntry("LDAP://" & configNC)

' Search for all partitions where the NetBIOSName is set.
Dim configSearch As New DirectorySearcher(configSearchRoot)
configSearch.Filter = ("(NETBIOSName=*)")

' Configure search to return dnsroot and ncname attributes
configSearch.PropertiesToLoad.Add("dnsroot")
configSearch.PropertiesToLoad.Add("ncname")

Dim forestPartitionList As SearchResultCollection
forestPartitionList = configSearch.FindAll()

' Loop through each returned domain in the result collection
For Each domainPartition In forestPartitionList
    ' domainName like "domain.com". ncName like "DC=domain,DC=com" 
    Dim domainName As String = domainPartition.Properties("dnsroot")(0).ToString()
    Dim ncName As String = domainPartition.Properties("ncname")(0).ToString()
Next

VbScript

Dim objConnection, objRootDSE, objRecordSet
Dim strFilter strFilter = "(NETBIOSName=*)"

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"

Set objRootDSE = GetObject("LDAP://RootDSE")
Set objRecordSet = objConnection.Execute( _
    "<LDAP://" & objRootDSE.Get("configurationNamingContext") & ">;" & strFilter & ";dnsroot,ncname;subtree")
Set objRootDSE = Nothing

While Not objRecordSet.EOF
    WScript.Echo Join(objRecordSet.Fields("dnsroot").Value) 
    WScript.Echo objRecordSet.Fields("ncname").Value 

    objRecordSet.MoveNext
WEnd
Listing all domains in a forest
Share this