Does Batchpatch support Child Domains?

BatchPatch Forums Home Forums BatchPatch Support Forum Does Batchpatch support Child Domains?

Tagged: 

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • May 27, 2022 at 2:13 pm #13440
    gulottc
    Participant

    I have a primary domain

    domain.com

    That I connect to LDAP using the string

    DC=Domain, DC=com

    and it works fine
    But when I try to connect to a Child domain to add hosts using the LDAP string I get “A referral was returned from the server”

    Child Domain = child.prod.domain.com

    LDAP string= CN=domaincontroller,DC=child,DC=prod,DC=domain,DC=com

    The user is a domain admin on the child and primary domain
    I have tried both the domain controller by name and by IP
    I can do NSLOOKup to the domain controller and get the correct IP
    Am I structuring the string incorrectly? or something else going on?
    I confirmed with network that the ports are open for batchpach in the child domain.

    Any help would be great! Thank you!

    May 27, 2022 at 3:53 pm #13441
    doug
    Moderator

    Yes BatchPatch will work with child domains. The issue you are encountering is probably one of a couple/few things:

    First let’s just consider syntax issues. Example proper syntax for this field is: domainControllerName
    or
    DC=myDomain,DC=com
    or
    domainControllerName/DC=myDomain,DC=com

    Your syntax does not match any of the above three examples because you have CN=domaincontroller,DC=child,DC=prod,DC=domain,DC=com

    I would suggest you instead try each of these and see which one(s) work:
    domaincontroller
    or
    DC=child,DC=prod,DC=domain,DC=com
    or
    domaincontroller/DC=child,DC=prod,DC=domain,DC=com

    My guess is that right there will probably solve your issue. However, if it does not solve it, then I think you prob need to connect to a different domain controller. Basically if you specify a domain controller that is not a global catalog server then I think that could cause a referral to be returned. For this reason, it’s usually better to NOT specify a domain controller but instead just specify the domain (like in the second example above). However, there may be cases where this won’t work and where you need to specify a particular domain controller, in which case you probably need to make sure it is a global catalog server too because otherwise I think it will always return a referral due to it not containing the directory information to handle your LDAP request.

    -Doug

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.