Hi there,
I'm trying to use Get-ADUser for the following purpose: checking if SharePoint users even exist in their Active Directory. Now there's only a one-way trust between the domain of the SharePoint servers and that of the SharePoint users (e.g. PeoplePicker had to be configured for that reason). There is also a strict firewall between these domains. What I am able to do is use the LDP tool to connect via port 389 from the SharePoint server to the Active Directory. This at least was opened for User Profile sync...
However, I'm trying to connect with a different user and naming the foreign server; of course the foreign domain is one-way trusted and name resolution works:
Get-ADUser -Server dc1.foreigndomain.corp:389 -Credential FOREIGNDOMAIN\adreaduser
In a fully trusted environment without any firewall that works like a charm, unfortunately not in my scenario. Could you please help me? Which additional ports are needed? Does this work with one-way trusts at all? Which other possibilities do you see for reaching my target, which actually was to check SharePoint identities against the Active Directory?
Thanks in advance!
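
An added example, not part of the original post: the ActiveDirectory module cmdlets such as Get-ADUser talk to Active Directory Web Services (TCP 9389 by default) rather than LDAP, so one way to do the existence check over the already opened port 389 is a plain LDAP search from PowerShell with System.DirectoryServices.Protocols. The server and bind account are the ones named in the post; the function names and the sample logins are constructed for illustration, and the bind account is assumed to have read access to user objects.

```powershell
# Added example. Server and account names come from the post; logins are constructed.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function ConvertTo-LdapFilterValue([string]$Value) {
    # RFC 4515 escaping, backslash first, so a login name cannot alter the filter
    $Value -replace '\\','\5c' -replace '\*','\2a' -replace '\(','\28' -replace '\)','\29' -replace '\x00','\00'
}

function Test-ForeignAdUser($Connection, [string]$BaseDn, [string]$SamAccountName) {
    $filter = '(&(objectCategory=person)(objectClass=user)(sAMAccountName={0}))' -f (ConvertTo-LdapFilterValue $SamAccountName)
    $req = New-Object System.DirectoryServices.Protocols.SearchRequest($BaseDn, $filter,
        [System.DirectoryServices.Protocols.SearchScope]::Subtree, [string[]]@('userAccountControl'))
    $entry = $Connection.SendRequest($req).Entries | Select-Object -First 1
    [pscustomobject]@{
        Login    = $SamAccountName
        Exists   = [bool]$entry
        # userAccountControl bit 0x2 = ACCOUNTDISABLE
        Disabled = if ($entry) { ([int]$entry.Attributes['userAccountControl'][0] -band 2) -ne 0 } else { $null }
    }
}

$cred = Get-Credential -UserName 'FOREIGNDOMAIN\adreaduser' -Message 'LDAP bind account'
$id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier('dc1.foreigndomain.corp', 389)
$conn = New-Object System.DirectoryServices.Protocols.LdapConnection($id, $cred.GetNetworkCredential())
try {
    $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
    $conn.SessionOptions.ProtocolVersion = 3
    # Port 389 is not TLS: request signing and sealing so the session is
    # integrity-protected and encrypted after the Negotiate bind.
    $conn.SessionOptions.Signing = $true
    $conn.SessionOptions.Sealing = $true
    $conn.Bind()

    # Read the domain's base DN from RootDSE instead of hard-coding it
    $rootReq = New-Object System.DirectoryServices.Protocols.SearchRequest('', '(objectClass=*)',
        [System.DirectoryServices.Protocols.SearchScope]::Base, [string[]]@('defaultNamingContext'))
    $baseDn = $conn.SendRequest($rootReq).Entries[0].Attributes['defaultNamingContext'][0]

    # Constructed sample logins; in practice these come from the SharePoint user list.
    $logins = 'FOREIGNDOMAIN\jdoe', 'i:0#.w|foreigndomain\former.employee'
    foreach ($login in $logins) {
        $sam = ($login -split '\\')[-1]   # strip the claims / domain prefix
        Test-ForeignAdUser -Connection $conn -BaseDn $baseDn -SamAccountName $sam
    }
}
finally {
    $conn.Dispose()
}
```

If the bind fails with signing and sealing enabled, check the authentication path through the firewall rather than falling back to a simple bind, which would send the password in clear text over port 389.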