获取与域关联的其他 LDAP 查询字符串
我在 Softerra LDAP Administration 中有如下内容:
服务器:blah.gov
OU=域控制器等...
ldap://子域.blah.gov
我不知道如何在 C# 中获取其他 ldap 子域查询字符串。
我不知道还能如何解释,所以请提出问题,我会尽力澄清。
更新:这就是 Softerra LDAP Administrator 的样子。靠近底部的 ldap 查询不是上述节点的子节点,但不知何故,程序知道它们并在 GUI 中链接它们。如果我能弄清楚怎么做,那就可以解决我的问题。
I have in Softerra LDAP Administration something like the following:
server: blah.gov
OU=Domain Controllers etc...
ldap://subdomain.blah.gov
I can't figure out how to, in C#, get those other ldap subdomain query strings.
I'm not sure how else to explain it, so ask questions and I'll try to clarify.
Updated: This is what Softerra LDAP Administrator looks like. The ldap queries near the bottom are not children of the above node, but somehow, the program knows about them and linked them in the GUI. If I could figure out how, that would fix my problem.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您应该使用全局目录对整个森林进行全局搜索。如果将 DirectorySearcher 绑定到全局编录,它应该为您提供所有对象,包括您的子域。
如果您的林没有任何全局编录或者您没有权限绑定到全局编录(非常罕见),则必须枚举林中的所有域并一一执行 LDAP 查询并聚合结果靠你自己。
这是我起草的示例函数,供您参考。
You should use Global Catalog to do the global search on your whole forest. If you bind your DirectorySearcher to your global catalog, it should give you all the objects including your child domains.
If your forest doesn't have any global catalog or you don't have permission to bind to a global catalog (very rare), you have to enumerate all the domains in your forest and do the LDAP query one by one and aggregate the results on your own.
Here is a sample function that I draft for your reference.
查看我的 BeaverTail LDAP 浏览器 - 它是免费软件,采用 100% C# 代码,可在此处获取:
http://adsi.mvps.org/adsi/CSharp/beavertail.html
其中之一最有趣的 LDAP 地址是
LDAP://RootDSE
- 它将向您显示有关 AD 林和其他有趣内容的大量信息。如果您单击 Beavertail 浏览器中的根树节点,您将看到该有趣的系统节点的内容。Beavertail 还将向您显示 AD 层次结构以及构成该层次结构的 LDAP 路径。
这有帮助吗?
Check out my BeaverTail LDAP browser - it's freeware, in 100% C# code, and available right here:
http://adsi.mvps.org/adsi/CSharp/beavertail.html
One of the most interesting LDAP addresses to go to is
LDAP://RootDSE
- it will show you a plethora of information on your AD forest and other interesting stuff. If you click on the root tree node in my Beavertail browser, you'll see the contents of that interesting system node.Beavertail will also show you the AD hierarchy and show you what LDAP paths make up that hierachy.
Does that help at all??