My use case is odd, but not uncommon. My machine is not joined to the domain I am scanning ACLs for.
I use runas /netonly /user:domain\user cmd
This gets me a command prompt with creds to do the scans.
The static method parseCommandLine properly parses the DN to get my domain name (_targetDomain) and places it in DistinguishedName.DomainName.
While the static method private static int getAcls(DistinguishedName targetDn) takes in the DistinguishedName class, which has the DN and domain name, it passes only the DN string to the ActiveDirectoryAcls() constructor. This leaves the private property _targetDomain
When calling the constructor public WLdapSearchRequest(string connectionPoint, int portNumber, string searchRoot, string filter, SearchScope scope, string attributeList),
this leaves connectionPoint as string.Empty, causing the DC locator service on the client to fall back to the machine's domain. With a non-domain-joined machine, this fails. I suspect all the testing was done on domain-joined machines.
By passing the DistinguishedName object to the ActiveDirectoryAcls constructor, you can make the DN and domain name available.
By adding this line to the constructor, we allow the proper connection.
this._targetDomain = targetDistinguishedName.DomainName.ToString();
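A self-contained C# sketch of the wiring described in this post, added here as an illustration and not taken from the tool itself: DistinguishedName derives the domain from the DN's DC= components, and AclScanner (a hypothetical stand-in for ActiveDirectoryAcls, with Request() standing in for building WLdapSearchRequest) takes the whole object so the domain, not string.Empty, becomes the connection point.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

// Constructed example, not the project's code. The point: derive the domain from the
// DN and pass it explicitly as the LDAP connection point, so the DC locator never has
// to fall back to the (non-joined) machine's domain under runas /netonly.
public sealed class DistinguishedName
{
    public string Dn { get; }
    public string DomainName { get; }
    public DistinguishedName(string dn)
    {
        Dn = dn;
        // DC= values joined with dots in DN order: DC=corp,DC=example,DC=com -> corp.example.com
        DomainName = string.Join(".", SplitRdns(dn)
            .Where(r => r.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
            .Select(r => r.Substring(3)));
    }
    // Split on unescaped commas only; "\," inside a value belongs to that RDN.
    private static IEnumerable<string> SplitRdns(string dn)
    {
        var current = new StringBuilder();
        for (int i = 0; i < dn.Length; i++)
        {
            if (dn[i] == '\\' && i + 1 < dn.Length) { current.Append(dn[i]).Append(dn[++i]); continue; }
            if (dn[i] == ',') { yield return current.ToString().Trim(); current.Clear(); continue; }
            current.Append(dn[i]);
        }
        yield return current.ToString().Trim();
    }
}

public sealed class AclScanner   // hypothetical stand-in for ActiveDirectoryAcls
{
    private readonly string _targetDomain;   // LDAP connection point
    private readonly string _targetDn;       // search root
    public AclScanner(DistinguishedName target)
    {
        _targetDn = target.Dn;
        _targetDomain = target.DomainName;   // the line the post adds to the constructor
        if (string.IsNullOrEmpty(_targetDomain))
            throw new ArgumentException("DN has no DC= components; an empty connection point would fall back to the machine's domain.");
    }
    // Stand-in for WLdapSearchRequest(connectionPoint, port, searchRoot, ...): both values populated.
    public (string ConnectionPoint, string SearchRoot) Request() => (_targetDomain, _targetDn);

    public static void Main() =>
        Console.WriteLine(new AclScanner(new DistinguishedName("OU=Servers,DC=corp,DC=example,DC=com")).Request());
}
```

The constructed DN above yields the connection point corp.example.com alongside the unchanged search root, which is the state the post's fix produces for a non-domain-joined client.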