System.DirectoryServices.Protocol搜索问题

发布于 12-02 16:56 字数 2869 浏览 1 评论 0原文

我正在尝试重新编写从 System.DirectoryServices 到 System.DirectoryServices.Protocol 的搜索

在 S.DS 中我得到了所有请求的属性,但在 S.DS.P 中,我没有得到 GUID 或 HomePhone ...

其余部分适用于一名用户。

有什么想法吗?

public static List<AllAdStudentsCV> GetUsersDistinguishedName( string domain, string distinguishedName )
        {
            try
            {

                NetworkCredential credentials               = new NetworkCredential( ConfigurationManager.AppSettings[ "AD_User" ], ConfigurationManager.AppSettings[ "AD_Pass" ] ); 
                LdapDirectoryIdentifier directoryIdentifier = new LdapDirectoryIdentifier( domain+":389" ); 

                using ( LdapConnection connection           = new LdapConnection( directoryIdentifier, credentials ) )
                {

                    SearchRequest searchRequest = new SearchRequest( );
                    searchRequest.DistinguishedName = distinguishedName;
                    searchRequest.Filter = "(&(objectCategory=person)(objectClass=user)(sn=Afcan))";//"(&(objectClass=user))";
                    searchRequest.Scope = SearchScope.Subtree;
                    searchRequest.Attributes.Add("name");
                    searchRequest.Attributes.Add("sAMAccountName");
                    searchRequest.Attributes.Add("uid");
                    searchRequest.Attributes.Add("telexNumber"); // studId
                    searchRequest.Attributes.Add("HomePhone"); //ctrId
                    searchRequest.SizeLimit = Int32.MaxValue;
                    searchRequest.TimeLimit = new TimeSpan(0, 0, 45, 0);// 45 min - EWB

                    SearchResponse searchResponse = connection.SendRequest(searchRequest) as SearchResponse;

                    if (searchResponse == null) return null;

                    List<AllAdStudentsCV> users = new List<AllAdStudentsCV>();

                    foreach (SearchResultEntry entry in searchResponse.Entries)
                    {
                        AllAdStudentsCV user = new AllAdStudentsCV();

                        user.Active = "Y";
                        user.CenterName = "";
                        user.StudId = GetstringAttributeValue(entry.Attributes, "telexNumber");
                        user.CtrId = GetstringAttributeValue(entry.Attributes, "HomePhone");
                        user.Guid = GetstringAttributeValue(entry.Attributes, "uid");
                        user.Username = GetstringAttributeValue(entry.Attributes, "sAMAccountName");

                        users.Add(user);
                    }

                    return users;
                }
            }
            catch (Exception ex)
            {
                throw;
            }
        }

另外,如果我想获取 AD 中的每个用户,以便我可以与 SQL DB 同步数据,我该怎么做,我不断收到超过最大大小的错误。我将大小设置为 maxInt32...是否有“忽略大小”选项?

谢谢,

埃里克-

I'm trying to re write a search from System.DirectoryServices to System.DirectoryServices.Protocol

In S.DS I get all the requested attributes back, but in S.DS.P, I don't get the GUID, or the HomePhone...

The rest of it works for one user.

Any Ideas?

public static List<AllAdStudentsCV> GetUsersDistinguishedName( string domain, string distinguishedName )
        {
            try
            {

                NetworkCredential credentials               = new NetworkCredential( ConfigurationManager.AppSettings[ "AD_User" ], ConfigurationManager.AppSettings[ "AD_Pass" ] ); 
                LdapDirectoryIdentifier directoryIdentifier = new LdapDirectoryIdentifier( domain+":389" ); 

                using ( LdapConnection connection           = new LdapConnection( directoryIdentifier, credentials ) )
                {

                    SearchRequest searchRequest = new SearchRequest( );
                    searchRequest.DistinguishedName = distinguishedName;
                    searchRequest.Filter = "(&(objectCategory=person)(objectClass=user)(sn=Afcan))";//"(&(objectClass=user))";
                    searchRequest.Scope = SearchScope.Subtree;
                    searchRequest.Attributes.Add("name");
                    searchRequest.Attributes.Add("sAMAccountName");
                    searchRequest.Attributes.Add("uid");
                    searchRequest.Attributes.Add("telexNumber"); // studId
                    searchRequest.Attributes.Add("HomePhone"); //ctrId
                    searchRequest.SizeLimit = Int32.MaxValue;
                    searchRequest.TimeLimit = new TimeSpan(0, 0, 45, 0);// 45 min - EWB

                    SearchResponse searchResponse = connection.SendRequest(searchRequest) as SearchResponse;

                    if (searchResponse == null) return null;

                    List<AllAdStudentsCV> users = new List<AllAdStudentsCV>();

                    foreach (SearchResultEntry entry in searchResponse.Entries)
                    {
                        AllAdStudentsCV user = new AllAdStudentsCV();

                        user.Active = "Y";
                        user.CenterName = "";
                        user.StudId = GetstringAttributeValue(entry.Attributes, "telexNumber");
                        user.CtrId = GetstringAttributeValue(entry.Attributes, "HomePhone");
                        user.Guid = GetstringAttributeValue(entry.Attributes, "uid");
                        user.Username = GetstringAttributeValue(entry.Attributes, "sAMAccountName");

                        users.Add(user);
                    }

                    return users;
                }
            }
            catch (Exception ex)
            {
                throw;
            }
        }

Also, if I want to fetch EVERY user in AD, so I can synch data with my SQL DB, how do I do that, I Kept getting max size exceeded, errors. I set the size to maxInt32... is there an "ignore size" option?

Thanks,

Eric-

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

抠脚大汉2024-12-09 16:56:59

我认为标准方法是使用 System.DirectoryServices,而不是 System.DirectoryServices.Protocol。为什么要使用后者?

关于关于错误消息“超出最大大小”的第二个问题,可能是因为您尝试一次获取太多条目。
Active Directory 限制查询返回的对象数量,以免目录过载(限制约为 1000 个对象)。获取所有用户的标准方法是使用分页搜索。

该算法如下所示:

  1. 您构建将获取所有用户的查询
  2. 您在此查询中指定一个特定的控件(分页结果控件),表明这是
    分页搜索,每页 500 个用户
  3. 您启动查询,获取第一页并解析中的前 500 个条目
    该页
  4. 您向 AD 询问下一页,解析接下来的 500 个条目
  5. 重复直到没有剩余页面

I think that the standard way is to use System.DirectoryServices, not System.DirectoryServices.Protocol. Why do you want to user the later ?

Concerning your second question about the error message "max sized exceeded", it may be because you try to fetch too many entries at once.
Active Directory limits the number of objects returned by query, in order to not overload the directory (the limit is something like 1000 objects). The standard way to fetch all the users is using paging searchs.

The algorithm is like this:

  1. You construct the query that will fetch all the users
  2. You specify a specific control (Paged Result Control) in this query indicating that this is
    a paged search, with 500 users per page
  3. You launch the query, fetch the first page and parse the first 500 entries in
    that page
  4. You ask AD for the next page, parse the next 500 entries
  5. Repeat until there are no pages left
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文