问题描述
当我运行此查询
// Next row is used to login to AD
DirectoryEntry entry = GetEntry(domain, adminUser, adminPassword);
// Here starts the query
DirectorySearcher search = new DirectorySearcher(entry)
{
SearchScope = SearchScope.Subtree,
Filter = "(&" +
"(objectClass=user)" +
// "(distinguishedname=*OU=Ingegneria*)" +
"(givenname=s*)" +
"(samaccountname=*100)" +
")"
};
search.PropertiesToLoad.Add("distinguishedname");
SearchResultCollection result = search.FindAll();
我得到六个条目,这就是正确的。
所有的记录,如果我使用 record.GetDirectoryEntry()有
I get six entries and that's correct.
All records, if I use record.GetDirectoryEntry() have
distinguishedname: CN=xxx,OU=Utenti,OU=Ingegneria,DC=xxx,DC=xxx
无论如何,如果我删除评论过滤器的的distinguishedName 部分,我得到零项!
我还试图用 search.PropertiesToLoad.Add(distinguishedName来); 没有运气
如何搜索的distinguishedName 过滤器?
Anyway if I remove comment on distinguishedname part of the filter, I get zero entries!!
I also tried to use search.PropertiesToLoad.Add("distinguishedname"); without luck.
How can I search distinguishedname in filter?
更新:
如果我尝试使用(的distinguishedName = *)+ 过滤器,我仍然得到六个记录,所以我想我可以的distinguishedName ...搜索列表 UPDATE2:
我还试图用code在Search使用部分路径OU 一个OU的Active Directory:
UPDATE:
If I try to use "(distinguishedname=*)" + in filter , I still get six records, so I think I can search on distinguishedname...
UPDATE2:
I also tried to use code in Search Active Directory for an OU using a partial path to the OU:
Filter = "(&(objectClass=user)(ou=Ingegneria))";
但我有零项(我有两个,如果我删除(对象类=用户)部分)
推荐答案
如果要查询这一点,那么你应该绑定以该容器在初始连接:
If you want to query just that then you should bind to that container in your initial connect:
// Next row is used to login to AD
string ldapPath = "LDAP://OU=Ingegneria,DC=xxx,DC=xxx";
DirectoryEntry searchRoot = GetEntry(ldapPath, adminUser, adminPassword);
// Here starts the query
DirectorySearcher search = new DirectorySearcher(searchRoot)
{
SearchScope = SearchScope.Subtree,
Filter = "(&" +
"(objectClass=user)" +
"(givenname=s*)" +
"(samaccountname=*100)" +
")"
};
search.PropertiesToLoad.Add("distinguishedname");
SearchResultCollection result = search.FindAll();
这样的话,你也大量减少空间公元需要进行搜索,从而加快搜索。
That way, you also massively reduce the space in AD that needs to be searched, thus speeding up your search.
如果您使用的是.NET 3.5或更高版本,可以使用 PrincipalSearcher 和查询通过例如主要做你的搜索:
And if you're using .NET 3.5 or newer, you can use a PrincipalSearcher and a "query-by-example" principal to do your searching:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "YOURDOMAIN", "OU=Ingegneria,DC=xxx,DC=xxx");
// define a "query-by-example" principal - here, we search for a UserPrincipal
UserPrincipal qbeUser = new UserPrincipal(ctx);
qbeUser.GivenName = "s*";
qbeUser.SamAccountName = "*100";
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);
// find all matches
foreach(var found in srch.FindAll())
{
// do whatever here - "found" is of type "Principal"
UserPrincipal userFound = principal as UserPrincipal;
if(userFound != null)
{
// do something with your user principal here....
}
}
如果您还没有 - 绝对阅读MSDN文章管理目录安全主体在.NET Framework 3.5 这表明很好如何使新功能的最佳使用 System.DirectoryServices.AccountManagement
If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement
这篇关于DirectorySearcher从过滤器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!