I need to read the Active Directory, search users and create user functionality.
I am able to use DirectoryEntry in C# and Domain is only physical server.
In my production environment, I have two physical domain servers with same domain name. When I try to search the AD user or create, I am getting the following exception.
Exception : "0000202B: RefErr: DSID-031007EF, data 0, 1 access points" [extended Error 8235]
Note that I have Domain Admin privileges on the domain but I'm still having the same issue.
0000202B: could mean wrong DN/searchbase like incorrect DC value etc.
Your problem looks like a DNS problem. I know writting that, I've got statisticaly 80% chance being right. Check the domain name resolution from your client. Check your DNS and verify that your two domain controlers are well registered.
The error you are getting is referall related:
ERROR_DS_REFERRAL 8235 (0x202B) A referral was returned from the server.
You can find the error codes linked at this MSDN Article.
来源:https://stackoverflow.com/questions/8019332/major-active-exception-while-accessing-creating-user-exception-0000202b-refer