2

I am trying to get the usergroups using below code.

        var domainContext = new PrincipalContext(ContextType.Domain, domain);
        var user = UserPrincipal.FindByIdentity(domainContext, username);

       var groups = user.GetGroups()

But I am getting the error.

[ActiveDirectoryServerDownException: The server is not operational.

Name: "DomainController.Domain.com"

]

System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry directoryEntry, String propertyName) +510

System.DirectoryServices.ActiveDirectory.DirectoryEntryManager.ExpandWellKnownDN(WellKnownDN dn) +239

System.DirectoryServices.ActiveDirectory.DomainController.get_Domain() +71

System.DirectoryServices.AccountManagement.ADStoreCtx.GetGroupsMemberOf(Principal p) +839

System.DirectoryServices.AccountManagement.Principal.GetGroups() +32

The issue is, the active directory server mentioned in the error is demoted. But we are not sure from where it is getting the name. There are other DCs available, still it is pointing to the demoted DC. Can you please help me to find out from where it is getting the name of the demoted DC and why it is not pointing to other DCs when this one is not available?

Thanks in advance.

Vijay
  • 51
  • 1
  • 4
  • When you do a DNS lookup on your domain name (`nslookup domain.com`) does the IP of the demoted server come up? – Gabriel Luci May 27 '17 at 03:39
  • No. I am not getting the demoted server IP. – Vijay May 29 '17 at 13:08
  • This suggests you need to delete it in AD Sites and Services: https://social.technet.microsoft.com/Forums/windows/en-US/6fbb5e06-2998-4dc4-bce3-47fd9932941f/demoted-domain-controller-still-showing-up-in-ad-sites-and-services?forum=winserverDS – Gabriel Luci May 29 '17 at 14:12
  • I will check this.. – Vijay May 31 '17 at 06:50

0 Answers0