I've got a problem with using the Forest.GetCurrentForest() method when communicating with a Read-only domain controller.
The exception thrown is:
System.DirectoryServices.ActiveDirectory.ActiveDirectoryServerDownException: The server is not operational.
Note: Everything works fine when communicating with a RWDC.
Previously, to fix other issues when communicating with a RODC, we had to modify the way we created DirectoryEntry objects, making use of the AuthenticationType.ReadOnlyServer flag. However, I've seen (using Reflector) that the GetCurrentForest() method creates its own DirectoryEntry object using a Utils class, which in turn uses a DefaultAuthType.
So, my question is: Does anyone know how to set/modify the DefaultAuthType so that it can return the required authentication type? Is there a better way to do this? The aim of this piece of code is simply to get the list of available domains visible to the server.
Thanks,
Ben
Well, doesn't seem like there's an easy answer to this. In the end we rewrote the code to not use the Domain/Forest objects...
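
Added example, not code from the original posts: one way to list the forest's domains without the Domain/Forest classes is to read the crossRef objects under CN=Partitions through DirectoryEntry objects that carry the read-only-server flag (spelled AuthenticationTypes.ReadonlyServer in .NET). The class name, method name and server argument are assumptions; the posts do not say how the code was actually rewritten.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;

static class RodcDomainLister   // hypothetical name, for illustration only
{
    // ReadonlyServer indicates that a writable DC is not required for the bind.
    const AuthenticationTypes Auth =
        AuthenticationTypes.Secure | AuthenticationTypes.ReadonlyServer;

    // server: DNS name of the DC to query (assumption: supplied by the caller).
    public static List<string> GetDomainDnsNames(string server)
    {
        var domains = new List<string>();

        // RootDSE publishes the DN of the forest-wide configuration partition.
        string configNc;
        using (var rootDse = new DirectoryEntry("LDAP://" + server + "/RootDSE", null, null, Auth))
        {
            configNc = (string)rootDse.Properties["configurationNamingContext"].Value;
        }

        // Every naming context in the forest has a crossRef under CN=Partitions.
        using (var partitions = new DirectoryEntry(
            "LDAP://" + server + "/CN=Partitions," + configNc, null, null, Auth))
        using (var searcher = new DirectorySearcher(partitions))
        {
            // systemFlags bits 1 (NTDS naming context) and 2 (domain) both set = 3,
            // which excludes the configuration, schema and application partitions.
            searcher.Filter = "(&(objectCategory=crossRef)(systemFlags:1.2.840.113556.1.4.803:=3))";
            searcher.SearchScope = SearchScope.OneLevel;
            searcher.PropertiesToLoad.Add("dnsRoot");
            searcher.PageSize = 500;

            using (SearchResultCollection results = searcher.FindAll())
            {
                foreach (SearchResult r in results)
                    if (r.Properties["dnsRoot"].Count > 0)
                        domains.Add((string)r.Properties["dnsRoot"][0]);
            }
        }
        return domains;
    }

    static void Main(string[] args)
    {
        foreach (string d in GetDomainDnsNames(args[0]))
            Console.WriteLine(d);
    }
}
```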