Recently a friend of mine had to query for the users, and their properties, who are members of the “Enterprise Admins” Active Directory group. Of course, you need to import the ActiveDirectory PowerShell module to run it. The command is pretty simple.

The command should produce a CSV file with all the users and their properties, even if the users are members of nested groups. However, we received a strange error.

This happens when the Get-ADUser query is run against a user who belongs to another domain within the AD forest.
So how do you query for a user from a different domain? It’s pretty easy: it’s enough to add the -Server [DC name] parameter to the Get-ADUser command. But if there are many domains, how do you provide DC names from multiple domains in a pipeline? Or is there another way?
The answer is yes, and it’s quite obvious: specify as [DC name] a domain controller with the Global Catalog role, because the GC stores the information about all objects in the domain. Moreover, you need to query the GC port instead of standard LDAP. So the final command should look like this.

Once you add the -Server parameter with the GC port, the command runs without the “A referral was returned from the server” error.
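
The approach described above, as an added example that is not the command from the original post: it discovers a Global Catalog instead of hard-coding a DC name, resolves every nested member over GC port 3268, and records which domain each privileged account lives in. The output path and the attribute list are assumptions chosen for illustration.

```powershell
Import-Module ActiveDirectory

# Enterprise Admins exists only in the forest root domain; its members can come from any domain.
$forest   = Get-ADForest
$gc       = Get-ADDomainController -Discover -Service GlobalCatalog
$gcHost   = @($gc.HostName)[0]
$gcServer = "${gcHost}:3268"          # 3268 = Global Catalog LDAP port (389 would return referrals)

# A GC holds only a partial attribute set for objects outside its own domain.
# Attributes outside that set (lastLogonTimestamp, for example) come back empty from a GC,
# so this list sticks to attributes a GC can answer for (assumed list, adjust as needed).
$props   = 'DisplayName', 'UserPrincipalName', 'Enabled'
$outFile = '.\EnterpriseAdmins.csv'   # assumed output path

$report = Get-ADGroupMember -Identity 'Enterprise Admins' -Server $forest.RootDomain -Recursive |
    Where-Object { $_.objectClass -eq 'user' } |
    ForEach-Object {
        $dn = $_.distinguishedName
        # Rebuild the DNS domain name from the DC= components of the DN.
        $domain = (($dn -split ',') -like 'DC=*' -replace '^DC=', '') -join '.'
        try {
            $u = Get-ADUser -Identity $dn -Server $gcServer -Properties $props -ErrorAction Stop
            [pscustomobject]@{
                SamAccountName    = $u.SamAccountName
                DisplayName       = $u.DisplayName
                UserPrincipalName = $u.UserPrincipalName
                Enabled           = $u.Enabled
                Domain            = $domain
                DistinguishedName = $u.DistinguishedName
            }
        }
        catch {
            # Keep going, but make unresolved members visible instead of silently dropping them.
            Write-Warning "Could not resolve '$dn' via ${gcServer}: $($_.Exception.Message)"
        }
    }

$report | Sort-Object Domain, SamAccountName |
    Export-Csv -Path $outFile -NoTypeInformation -Encoding UTF8

# Quick review aid: how many Enterprise Admins come from each domain.
$report | Group-Object Domain | Select-Object Name, Count
```

If the report needs attributes that are not replicated to the GC, query a domain controller of the domain shown in the `Domain` column for those accounts instead.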

I hope this post will be helpful for you. Thanks for reading.

