使用 ManagedBy 属性的 Active Directory C#
我们有几个呼叫中心,每个呼叫中心在 Active Directory 中都有自己的组,其中包含在该呼叫中心工作的所有代理。呼叫中心可能有多个主管,因此我让帮助台的某人设置活动目录,如下所示:
亚特兰大呼叫中心
- Agent1
- Agent2
- Agent3
然后:
亚特兰大呼叫中心 - 主管
- Supervisor1
- Supervisor2
以及呼叫中心组的 ManagedBy 属性设置为主管的组。
目前我必须使用主管组的完整distinguishedname来查询它。
我只想对登录的主管运行查询以获取该主管的组名称managementBy。关于更好方法的任何建议。我实际上已经让网络管理员正在调查这个问题。我想他知道该怎么做,但我已经把这个打出来了,所以我会看看你们怎么说。
这是我们的网络管理员刚刚就这个问题所说的。
在 AD 中使用 OU 的属性并不是处理此类问题的好习惯。该问题只能通过组和用户来处理。 OU 应用于对象的逻辑组织以实现管理目的。
Label1.Text = getCallCenterGroup("CN=******Supervisors,OU=Groups,OU=*******,OU=Locations,DC=******,DC=local");
protected string getCallCenterGroup(string user)
{
DirectoryEntry searchRoot = new DirectoryEntry("LDAP://******");
DirectorySearcher search = new DirectorySearcher(searchRoot);
search.Filter = "(managedBy=" + user + ")";
search.PropertiesToLoad.Add("managedBy");
search.PropertiesToLoad.Add("distinguishedName");
search.PropertiesToLoad.Add("cn");
SearchResultCollection groups = search.FindAll();
foreach (SearchResult sr in groups)
{
return sr.Properties["cn"][0].ToString();
}
return null;
}
We have several call centers each with has its own group in the Active Directory that contains all the agents working at that call center. There it is possible for the call center to have multiple supervisors so I got someone at our helpdesk to setup the active directory like this:
Atlanta Call Center
- Agent1
- Agent2
- Agent3
Then:
Atlanta Call Center - Supervisors
- Supervisor1
- Supervisor2
And the Call Center Group's managedBy attribute is set to the supervisor's group.
Currently I have to query it using the full distinguishedname of the supervisors group.
I would like to just run a query on the supervisor logged in to get the group name managedBy that supervisor. Any suggestions on a better approach. I've actually got the network admin looking into the issue now. I think he knows what to do but I already typed this out so I'll see what you guys say.
This is what our network admin just said on the issue.
Using a property of a OU in the AD is not a good practice for handling issue such as this. The issue should be handled via groups and users only. OUs should be used for logical organization of objects for management purposes.
Label1.Text = getCallCenterGroup("CN=******Supervisors,OU=Groups,OU=*******,OU=Locations,DC=******,DC=local");
protected string getCallCenterGroup(string user)
{
DirectoryEntry searchRoot = new DirectoryEntry("LDAP://******");
DirectorySearcher search = new DirectorySearcher(searchRoot);
search.Filter = "(managedBy=" + user + ")";
search.PropertiesToLoad.Add("managedBy");
search.PropertiesToLoad.Add("distinguishedName");
search.PropertiesToLoad.Add("cn");
SearchResultCollection groups = search.FindAll();
foreach (SearchResult sr in groups)
{
return sr.Properties["cn"][0].ToString();
}
return null;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
ManagedBy 是一个链接属性,因此您可以查询它的唯一语法是您要匹配的对象的 DN。不过,我不确定这是我的问题还是我误解了。
在一个单独的线程中,我不太同意网络管理员关于不扩展 OU 的观点,但是,这是一个单独的讨论。
managedBy is a linked attribute so the only syntax you can query it with is the DN of the object you want to match on. I'm not sure if that was the question or if I'm misunderstanding, though.
On a seperate thread, I don't really agree with your network admin about not extending OUs, but, that's a seperate discussion.