We are querying Active Directory using the DirectoryEntry method by passing a domain name. Under this domain, there are 40 DCs; 20 of them are DNS configured, and the rest of them are non-DNS configured, which are not maintained well and are not reliable (connecting to these non-DNS configured DCs will usually time out or the thread gets aborted).
Now, while making an AD call with the DirectoryEntry method, is there a way to query only the DCs which have DNS configured?
Currently, the code picks a non-DNS configured DC.
I know picking the DC in a domain is a domain server task, based on the geographical location and other factors. Is there any way we can modify the code to instruct the DirectoryEntry to pick only the DNS configured DCs when we pass the DomainName?
Sample code in C# .NET:
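```csharp
using System;
using System.DirectoryServices;
using System.Security.Principal;

// Bind to the group by SID; passing only the domain name leaves the choice of DC to the DC locator.
DirectoryEntry obEntry = new DirectoryEntry(@"LDAP://" + DomainName + "/<SID=" + new SecurityIdentifier(groupSid, 0).Value + ">", serviceAccountUser, serviceAccountPassword);
if (obEntry.Guid != null) // reading Guid forces the bind to the server
{
    string distinguishedNameObtained = Convert.ToString(obEntry.Properties["distinguishedName"].Value);
}
```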
You can't tell `DirectoryEntry` to pick a subset of DCs, but you can tell it to use one specific DC. In your code, you would set your `DomainName` variable to the name of the DC.
That's the easiest way, but now you've hard-coded one single DC, and if that one goes down, you have to change your code, which isn't ideal.
If you want to choose from the available DCs, you could try using `Domain.GetCurrentDomain()` or `Domain.GetDomain()` (if the computer you're running this from is not on the same domain you're connecting to) and then examining the `DomainControllers` collection. I don't know what you mean by the DCs not being configured for DNS, so I'm not sure if that's something you can determine from the `DomainController` class. Take a look at the documentation for `DomainController` and see if there is something you can use. There is a `SiteName` property if you want to choose a DC from a specific site.
If you are able to do that, then you can use the `Name` property of the `DomainController` in your LDAP string.
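The approach described in this answer, as an added example that is not part of the original post: enumerate the domain's DCs, skip the ones that fail a check, bind to the first one that answers, and fall through to the next on failure. It assumes "DNS configured" means the DC's name resolves in DNS; `DcBoundLookup`, `GetGroupDn` and `preferredSite` are hypothetical names.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.DirectoryServices.ActiveDirectory;
using System.Net;
using System.Net.Sockets;
using System.Runtime.InteropServices;
using System.Security.Principal;

static class DcBoundLookup // hypothetical helper class, not from the original post
{
    // Returns the group's distinguishedName from the first DC that passes the checks and accepts the bind.
    public static string GetGroupDn(string domainName, byte[] groupSid, string user, string password, string preferredSite = null)
    {
        var context = new DirectoryContext(DirectoryContextType.Domain, domainName, user, password);
        string sid = new SecurityIdentifier(groupSid, 0).Value;
        var failures = new List<Exception>();
        using (Domain domain = Domain.GetDomain(context))
        {
            foreach (DomainController dc in domain.DomainControllers)
            {
                using (dc)
                {
                    // Optional filter on the SiteName property mentioned in the answer.
                    if (preferredSite != null && !string.Equals(dc.SiteName, preferredSite, StringComparison.OrdinalIgnoreCase))
                        continue;
                    try
                    {
                        // Assumption: a "DNS configured" DC is one whose name resolves; throws SocketException if not.
                        Dns.GetHostEntry(dc.Name);
                        using (var entry = new DirectoryEntry("LDAP://" + dc.Name + "/<SID=" + sid + ">", user, password, AuthenticationTypes.Secure))
                        {
                            entry.RefreshCache(new[] { "distinguishedName" }); // forces the bind to this specific DC
                            return Convert.ToString(entry.Properties["distinguishedName"].Value);
                        }
                    }
                    catch (SocketException ex) { failures.Add(ex); } // name did not resolve: try the next DC
                    catch (COMException ex) { failures.Add(ex); }    // bind or query failed: try the next DC
                }
            }
        }
        throw new AggregateException("No usable domain controller found for " + domainName, failures);
    }
}
```

Because the DC is chosen at run time from the `DomainControllers` collection, no single server name is hard-coded, and the collected exceptions show which DCs were skipped and why.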