| Platform SDK: Active Directory, ADSI, and Directory Services |
A referral is the way that a directory server communicates that it does not contain the information required to complete a request (such as a query), but has a reference to a server that may contain the required information. Note that referrals are not just generated by query requests.
The following operations can result in one or more referrals:
What about other forests? A Windows 2000 domain controller will automatically generate an external referral based on the domain controller components of the distinguished name. If name resolution fails to find an object locally and there are no crossRef objects for that portion of namespace, the domain controller will attempt the following: 1) Check if the distinguished name specified has DC= naming attributes for its upper components 2) If it does, it constructs an external referral based on the upper components of the distinguished name. For example, if your search was based at "cn=a,cn=b,dc=c,dc=d,dc=e", the domain controller will construct a referral to the LDAP server at DNS address "c.d.e".
This means that all Windows 2000 domain controllers (which support only DC= naming for the upper components) automatically have knowledge of each other, and no external crossrefs are ever required for a client to bind from one forest to another. If other non-Windows 2000 directory servers (such as a Netscape server) is using DC= naming and has an appropriate SRV RR registered in DNS, it will get the advantage of the automatic referrals as well. If not, an external crossRef object must be added manually.