I have written some code to fetch user information from an Active Directory Server. Suppose the Active Directory Server has nodes, each of which is another Active Directory Installation in a different geographic location. Eg: one AD server in US and another in Australia with a root AD Server in US with the former two as nodes.
Would the filter queries I write for searching users across geographic locations work if I run them on the root AD server ?. The query I use is
(|(objectClass=user)(objectClass=person)(objectClass=inetOrgPerson))
I cannot actually test this scenario but need to know the what will happen here.
The AD is distributed and multimaster database, in general terms you can query any of the Domain Controllers about a user and get the same answer in any of the DC (nodes).
In AD you can configure the replication of data changes between servers, so if a user change some attribute in Australia, and you query for some data against the server in NY maybe you will get different answers. The domain administrator can tell you about time replication in the domain.
Once the replication takes place, you have the same information in any of the DC. Usually replication times are about minutes, but in some cases it is only set to 1 or 2 times per day.
I hope this answer your question.
Your terminology WRT Active Directory is not precise. There are two concerns that I can see for you:
The Global Catalog maintains a subset of the contents of all domains in the forest. If your use of the term "node" refers to disperate domains, queries against the Global Catalog will allow you to query all domains in the forest in a single query (assuming the attributes you're looking for are part of the subset replicated into the GC).
Location of a physically-close DC is accomplished through a combination of DNS and LDAP queries. A Goooooogle search on "dns ldap find closest domain controller" returns some good first steps (Finding closest Domain Controller through LDAP).
If you're developing on Windows you can get domain controller location "for free" by using the ADSI API.
What is not clear here is what you mean with the term "node".
As long as you're querying domain controllers of the same domain, you will get the same answer to the same query from any one of them (aside from replication issues).
But if you have multiple domains, or if you want to query specific subtrees (OUs) of a given domain, you will get different answers.
r u sure you want the "OR" "|" operator in the query, it doesn't make sense. Also are you equating nodes with domains?
also the following will give you an example where you don't need code to test with.
dsquery * domainroot -filter (|(objectClass=user)(objectClass=person)(objectClass=inetOrgPerson))" -attr *
but like I said the "OR" | operator doesn't make sense.
oddly I found a bug in serverfaults answer code, it will be wierd if after doing this it disappears