Active directory cross domain - group members using PrincipalContext

Question

I am trying to fetch the members of a given active directory group by using DirectoryServices.AccouneManagement namespaces classes in c#.

If I have my principal context object constructor specified for a specific domain, then whenever I access the member from the the group which is from the other domains I am running into the below error: "A referral was returned from the server".

Scenario is : I have different sub domains under root domain Eg: emea.mycorp.com, asia.mycorp.com, asiapacific.mycorp.com, xyz.mycorp.com

If i am running the below code from the domain xyz.mycorp.com, for a group in asiapacific If I specify the servername in the principal context object I could access the group.

private PrincipalContext context = 
    new PrincipalContext(ContextType.Domain, "asiapacific domain server name");

If my group has the users from other domains like emea\abcd, the below code fails at UserPrincipal:

GroupPrincipal SearchGroup = GroupPrincipal.FindByIdentity(context, "Dev Team"); 
    GroupName = new List<string>();
    foreach (UserPrincipal p in SearchGroup.GetMembers())      
    {        
        GroupName.Add(p.SamAccountName + " " + p.DistinguishedName + " " + p.Name);  
    }

So, Is there a way that I can pass the context for the root domain, so that the code will work irrespective of the domain to which the user belongs to. I tried below and with none of it with luck:

private PrincipalContext context = 
    new PrincipalContext(ContextType.Domain, "mycorp.com");

or

private PrincipalContext context = 
    new PrincipalContext(ContextType.Domain, "DC=mycorp,DC=com");

Answer 1

Try this:

new PrincipalContext(ContextType.Domain, "xyz.mycorp.com:3268", "DC=mycorp,DC=com");

This will create the PrincipalContext using the global catalog service on your local domain controller (of course, this assumes that your local DC is a GC as well). This will allow searches of the entire forest.