Solved

ADsEnumerateNext failing enumerating Global Catalog

Posted on 2008-10-19
2
951 Views
Last Modified: 2013-12-19
Hi all

I've been searching for a day now for information on why ADsEnumerateNext can fail enumerating the global catalog.  

I've a client whose debug log files show me that this function is failing with S_FALSE.  The code is below.

I just get a debug trace back with enumerated 0 objects.

The process is a system service, running in an account which has domain administrator privileges.

I'm wondering what the possible failure modes for this are, e.g.

1. There is nothing in the GC (is this even possible)?
2. Service does not have permission to enumerate the GC (but can connect to it?)
3. There's some referral required?
4. User is in wrong domain without proper trust relation to the forest

Any ideas to check?
IADsContainer *pCont = NULL;

HRESULT rc = ADsOpenObject( L"GC:", NULL, NULL, ADS_SECURE_AUTHENTICATION, IID_IADsContainer, (void**)&pCont);

if( S_OK == rc )

{

	IEnumVARIANT *pEnum = NULL;

	FileTrace("[*] GetIADs -> Opened IID_IADsContainer");

	rc = ADsBuildEnumerator(pCont, &pEnum);

	if(S_OK == hResult) 

	{

		FileTrace("[*] GetIADs -> Built enumeration VARIANT");

		IDispatch *pDisp = NULL;

		ULONG lFetch = 0;

		VARIANT var;

		VariantInit( &var );
 

		// Now enumerate. There is only one child of the GC: object.

		rc = ADsEnumerateNext(pEnum, 1, &var, &lFetch);

		if (( rc == S_OK ) && ( lFetch == 1 ) )     

		{    

			FileTrace("[*] GetIADs -> Enumerated 1 object");

			pDisp = V_DISPATCH(&var);

			rc = pDisp->QueryInterface( IID_IADs, (void**)&pIADS); 

			if (pDisp)(pDisp)->Release();

		}

		else

		{

			FileTrace("[*] GetIADs -> Enumerated %d objects (hResult: %x)",lFetch,rc);

		}
 

		// clean up the variant.

		VariantClear(&var);
 

		if (pEnum) ADsFreeEnumerator(pEnum);

	}				

	else

	{

		FileTrace("[*] GetIADs -> ADsBuildEnumerator failed (rc: %x)", hResult);

	}

	if( pCont ) pCont->Release( );

}

else

{

	FileTrace("[*] GetIADs -> ADsOpenObject failed (hResult: %x)", rc);

}

Open in new window

0
Comment
Question by:Adrien de Croy
2 Comments
 
LVL 6

Expert Comment

by:meugen
ID: 22994855
According to MSDN website: S_FALSE means The call succeeded, but the number of items returned is less than those requested.
Maybe this helps you: http://msdn.microsoft.com/en-us/library/aa772181(VS.85).aspx
0
 
LVL 3

Accepted Solution

by:
Adrien de Croy earned 0 total points
ID: 23031431
Hi

was already aware of that, since I was only asking for 1 item, to return S_FALSE would still mean there are no items.

Turns out the problem was to do with the client's AD configuration, they reinstalled their OS, and the problem went away
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now