php active-directory ldap php-5.3 adldap

How to list all domains in forest?


In Active Directory Users And Computers it is easy to just select Find => Entire Directory to search for a username.

If I don't feed this API (PHP AD LDAP 4.04) the correct account_suffix, base_dn, domain_controllers it will not return ANY information on the user account when I do $ad->user()->infoCollection($username,array('*'));

I am able to

$ad->findBaseDn();

From this, I am able to deduce the current domain my user account is part of...

How would I discover ALL domains in the forest that I belong to? ... or is there any easy way to top level query without specifying all this information in a loop through manual input?

If you are familiar with PowerShell Active Directory, something like

$var = Get-AdForest
$var.Domains

Solution

  • An ldapSearch with a base of: CN=Partitions,CN=Configuration,DC=example,DC=com

    With an LDAP Filter of: (nETBIOSName=*)

    And Returning the Attribute: nCNames

    Will return all the AD Domains within the forest in LDAP Format.

    However, how "trusts" are configured may restrict or allow access to these Domains.

    -jim
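
The search described in the answer, as an added example that is not part of the original post and uses PHP's built-in ldap extension rather than adLDAP. The function names and the AD_URI, AD_USER and AD_PASS environment variables are hypothetical; the attributes requested are `nCName`, `nETBIOSName` and `dnsRoot`, which Active Directory stores on the crossRef objects under CN=Partitions.

```php
<?php
// Turn an ldap_get_entries() result into [NetBIOS name => [dn, dns]].
function parseCrossRefs(array $entries) {
    $domains = array();
    for ($i = 0; $i < $entries['count']; $i++) {
        $e = $entries[$i];
        if (!isset($e['ncname'][0], $e['netbiosname'][0])) {
            continue; // not a domain partition
        }
        $domains[$e['netbiosname'][0]] = array(
            'dn'  => $e['ncname'][0],
            'dns' => isset($e['dnsroot'][0]) ? $e['dnsroot'][0] : null,
        );
    }
    return $domains;
}

// $uri should be an ldaps:// URI so the bind password is not sent in clear text.
function forestDomains($uri, $bindUser, $bindPass) {
    $conn = ldap_connect($uri);
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);
    if (!@ldap_bind($conn, $bindUser, $bindPass)) {
        throw new RuntimeException('bind failed: ' . ldap_error($conn));
    }
    // The rootDSE names the forest-wide configuration partition, so no base DN is hard-coded.
    $root = ldap_get_entries($conn, ldap_read($conn, '', '(objectClass=*)', array('configurationNamingContext')));
    $base = 'CN=Partitions,' . $root[0]['configurationnamingcontext'][0];
    $res = ldap_search($conn, $base, '(nETBIOSName=*)', array('nCName', 'nETBIOSName', 'dnsRoot'));
    $entries = ldap_get_entries($conn, $res);
    ldap_unbind($conn);
    return parseCrossRefs($entries);
}

if (getenv('AD_URI')) {
    $domains = forestDomains(getenv('AD_URI'), getenv('AD_USER'), getenv('AD_PASS'));
} else {
    // Constructed sample in ldap_get_entries() shape, used when no server is configured.
    $domains = parseCrossRefs(array('count' => 2,
        array('ncname' => array('count' => 1, 'DC=example,DC=com'), 'netbiosname' => array('count' => 1, 'EXAMPLE'), 'dnsroot' => array('count' => 1, 'example.com')),
        array('ncname' => array('count' => 1, 'DC=child,DC=example,DC=com'), 'netbiosname' => array('count' => 1, 'CHILD'), 'dnsroot' => array('count' => 1, 'child.example.com')),
    ));
}
foreach ($domains as $netbios => $d) {
    echo $netbios, "\t", $d['dn'], "\t", $d['dns'], "\n";
}
```

The result lists the domain partitions the forest defines; whether the bind account can then query each one still depends on the trust configuration the answer mentions.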