目录搜索器过滤器未返回没有结果
绝对没有足够的经验,无法知道为什么没有返回结果。我不能使用PricipalContext库,并且必须使用“目录搜索器”选项。存在这样的组“ MB-X-approvers”,“ MB-Y-APPROVERS”,“ MB-Z-APPROVERS”,等等。
public IEnumerable<Mailbox> GetAprMailboxes()
{
IEnumerable<Mailbox> mailBoxes = new List<Mailbox>();
try
{
DirectorySearcher directorySearch = GetDirectorySearcher();
var who = @"CN=lastName\, Firstname,OU=USERS,OU=HOUSTON,DC=mydomain,DC=net"
var strFilter = "(&(objectCategory=group)(member=" + who + ")(cn=MB-*-Approvers))";
directorySearch.Filter = strFilter;
var searchResults = directorySearch.FindAll();
//Do stuff with results and add to mailbox list
return mailBoxes;
}
catch (Exception ex)
{
LogHelper.LogException(ex);
}
}
public DirectorySearcher GetDirectorySearcher()
{
DirectorySearcher directorySearch = null;
try
{
var baseEntry = new DirectoryEntry
{
Path = "LDAP://ldapquery.mydomain.net/DC=mydomain,DC=net",
Username = "ADUserName",
Password = "ADPassword",
AuthenticationType = AuthenticationTypes.Secure
};
directorySearch = new DirectorySearcher(baseEntry);
directorySearch.SearchScope = SearchScope.Subtree;
directorySearch.SizeLimit = 5000;
directorySearch.PageSize = 1000;
}
catch (Exception ex)
{
}
return directorySearch;
}
Definitely not experienced enough to know why this is returning no results. I cannot use the PricipalContext library and must use the Directory Searcher option in place. Groups exist like this "MB-X-Approvers", "MB-Y-Approvers", "MB-Z-Approvers", etc.
public IEnumerable<Mailbox> GetAprMailboxes()
{
IEnumerable<Mailbox> mailBoxes = new List<Mailbox>();
try
{
DirectorySearcher directorySearch = GetDirectorySearcher();
var who = @"CN=lastName\, Firstname,OU=USERS,OU=HOUSTON,DC=mydomain,DC=net"
var strFilter = "(&(objectCategory=group)(member=" + who + ")(cn=MB-*-Approvers))";
directorySearch.Filter = strFilter;
var searchResults = directorySearch.FindAll();
//Do stuff with results and add to mailbox list
return mailBoxes;
}
catch (Exception ex)
{
LogHelper.LogException(ex);
}
}
public DirectorySearcher GetDirectorySearcher()
{
DirectorySearcher directorySearch = null;
try
{
var baseEntry = new DirectoryEntry
{
Path = "LDAP://ldapquery.mydomain.net/DC=mydomain,DC=net",
Username = "ADUserName",
Password = "ADPassword",
AuthenticationType = AuthenticationTypes.Secure
};
directorySearch = new DirectorySearcher(baseEntry);
directorySearch.SearchScope = SearchScope.Subtree;
directorySearch.SizeLimit = 5000;
directorySearch.PageSize = 1000;
}
catch (Exception ex)
{
}
return directorySearch;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
通常,像“cn=MB-*-Approvers”这样的 DN 不适用于子字符串搜索。
因此,当使用 DN 语法时,客户端必须使用完全限定的 DN
可能需要尝试类似:
-jim
Generally, DNs like "cn=MB-*-Approvers" will not work for substring searches.
When using the DN syntax, therefore, the client must use the fully Qualified DN
Might want to try something like:
-jim