How to enumerate per-Forest Active Directory domains in C# ?

Question

This code enumerate Active Directory domains, if the mahine on which is running is part of the forest.

public static ArrayList EnumerateDomains()
{
    ArrayList alDomains = new ArrayList();
    Forest currentForest = Forest.GetCurrentForest();
    DomainCollection myDomains = currentForest.Domains;

    foreach (Domain objDomain in myDomains)
    {
        alDomains.Add(objDomain.Name);
    }
    return alDomains;
}

Is it posible to enumerate domains which are part of some other forest ?

What is the difference between forest and global catalog ?

Answer 1

The logic above should work (provided permissions are OK) if you replace the setting of currentForest with a call to Forest.GetForest that identifies the forest whose domains you wish to enumerate.

DirectoryContext context = new DirectoryContext(DirectoryContextType.Forest,
    "dns-name-of-target-forest");
Forest currentForest = Forest.GetForest(context);

If you don't have permission but do know someone who does, there are DirectoryContext constructor overrides that allow you to specify an alternate name and password.

The relationship of global catalog to forest is detailed here. In short, a forest is an Active Directory (AD) abstraction for grouping of AD objects. A global catalog (if the forest has one) is a distributed data repository that is required in order for certain types of operations to be done on that forest.