3.4.4.4.3.1.4 ActiveDirectoryForest/Domains

The Domains element contains an array of FQDNs (2) of the domains in the forest.

 <xs:element
   name="Domains" nillable="true" type="sera:ArrayOfstring" />

The Domains element is populated from the crossRef!dnsRoot attribute of all crossRef objects ([MS-ADTS] section 6.1.1.2.1.1) under the Partitions container ([MS-ADTS] section 6.1.1.2.1) that meet the following criteria:

  • The objectClass attribute of the object is crossRef and the client has access rights to read the attribute.

  • The FLAG_CR_NTDS_NC and FLAG_CR_NTDS_NOT_GC_REPLICATED bits of the crossRef!systemFlags attribute ([MS-ADTS] section 6.1.1.2.1.1) are set to 1 and the client has access rights to read the attribute.

  • The crossRef!dnsRoot attribute is present and the client has access rights to read the attribute.

  • The crossRef!Enabled attribute is not present, is not equal to FALSE, or cannot be read due to the client lacking access rights to read the attribute.

If no crossRef objects satisfy requirements 1 and 2, the server returns the SOAP fault described in section 3.4.4.4.8.1. If no crossRef objects satisfy all of the above requirements, the server returns a null ActiveDirectoryForest/Domains element. If the crossRef!dnsRoot attribute on a crossRef object satisfying all of the above requirements has multiple values, then only one of the values MUST be chosen; but any of the values MAY be chosen<49> to populate the element.

Show: