A Referral — Was Returned From The Server Powershell [2021]

Here’s a short, interesting piece based on that scenario — part tech mystery, part sysadmin humor.

Finds the user 'jdoe' regardless of which child domain they reside in. #> a referral was returned from the server powershell

# 2. If not found locally, search the Global Catalog (contains all domains) # We search specifically for the ObjectSid to determine the domain. Write-Verbose "Searching Global Catalog for '$Identity'..." $gcSearcher = [adsisearcher]"(&(objectClass=user)(sAMAccountName=$Identity))" $gcSearcher.SearchRoot = [adsi]"GC://$($env:USERDNSDOMAIN)" $gcResult = $gcSearcher.FindOne() Here’s a short, interesting piece based on that

.DESCRIPTION The "A referral was returned from the server" error usually happens when you query a user in Domain B while logged into Domain A. This function accepts an Identity (SamAccountName or SID), resolves its true location using the Global Catalog, and retrieves the object directly from that domain. If not found locally, search the Global Catalog

“A referral was returned from the server.”

: Running commands against a Read-Only Domain Controller (RODC) for write operations (like New-ADUser ) may trigger this error as the RODC refers the request to a writable DC.