LDAP – Possible to search multiple AD forests with the same query

active-directory ldap

I have two domain controllers configured with non-contiguous namespaces. There is a two-way forest trust and crossRef objects set up between domains. I can successfully execute an LDAP search for any particular object in either domain. However, I would like to be able to execute a single LDAP search for all User objects in both directories pointed against a single baseDN.

Is this possible?

Best Answer

In my opinion, setting up OpenLDAP is probably going to be more work than you want to go through for the convenience of running one LDAP query.

I would create a VBScript / PowerShell script to take a supplied query, execute it against both domains, and return the results to you.

This would be a fairly simple script to write. If I get some time later tonight and you haven't found a suitable solution (and you're interested), I'll try to cook one up.
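
A sketch of the kind of script the answer describes, added here as an example and not written by the answer's author. It runs one LDAP filter against each forest's base DN with the caller's own credentials and merges the results; the function name `Search-MultipleForests` and the `forest-a`/`forest-b` base DNs are hypothetical placeholders.

```powershell
# Added example: run one LDAP filter against several forests and merge the results.
# The function name and base DNs are placeholders (assumed), not values from the post.
function Search-MultipleForests {
    param(
        [Parameter(Mandatory)] [string]   $Filter,
        [Parameter(Mandatory)] [string[]] $SearchRoots,   # one LDAP:// base DN per forest
        [string[]] $Properties = @('distinguishedName', 'sAMAccountName', 'userPrincipalName')
    )

    foreach ($root in $SearchRoots) {
        $results  = $null
        $entry    = New-Object System.DirectoryServices.DirectoryEntry($root)
        $searcher = New-Object System.DirectoryServices.DirectorySearcher($entry)
        $searcher.Filter      = $Filter
        $searcher.SearchScope = [System.DirectoryServices.SearchScope]::Subtree
        $searcher.PageSize    = 1000   # paged search, so large result sets are not truncated
        $searcher.PropertiesToLoad.AddRange($Properties)

        try {
            $results = $searcher.FindAll()
            foreach ($r in $results) {
                # Tag every row with the forest it came from
                $row = [ordered]@{ SearchRoot = $root }
                foreach ($p in $Properties) {
                    # Result property names are stored lower-cased
                    $row[$p] = ($r.Properties[$p.ToLower()] | ForEach-Object { "$_" }) -join ';'
                }
                [pscustomobject]$row
            }
        }
        catch {
            # One unreachable forest should not hide the results from the other
            Write-Warning "Search against $root failed: $($_.Exception.Message)"
        }
        finally {
            # SearchResultCollection holds unmanaged resources and must be disposed
            if ($null -ne $results) { $results.Dispose() }
            $searcher.Dispose()
            $entry.Dispose()
        }
    }
}

$roots = 'LDAP://DC=forest-a,DC=example', 'LDAP://DC=forest-b,DC=example'
Search-MultipleForests -Filter '(&(objectCategory=person)(objectClass=user))' -SearchRoots $roots |
    Sort-Object SearchRoot, sAMAccountName
```

Each row carries the `SearchRoot` it came from, so identical `sAMAccountName` values in the two forests stay distinguishable in the merged output.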