本文介绍了从AD获取用户详细信息的速度很慢的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用以下代码从特定部门获取有关员工的一堆信息,并从AD返回列表...

Im using the following code to get a bunch of information about employees from specific departments and returning a list from AD...

虽然有效,但速度似乎很慢,有没有一种更有效的方式来从AD获取各种用户详细信息?

Whilst it works, it appears to be quite slow, is a there more efficient way of getting various user details from AD?

public static List<Employee> GetEmployeeListForDepartment(string departpment)
        {
            using (HostingEnvironment.Impersonate())
            {

                PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domain);
                GroupPrincipal gp = GroupPrincipal.FindByIdentity(ctx, departpment);
                PrincipalSearchResult<Principal> members = gp.GetMembers();
                List<Employee> employees = new List<Employee>();
                foreach (var member in members)
                {
                    var emp = CreateEmployee(member);
                    employees.Add(emp);
                }
                return employees.OrderBy(x => x.FirstName).ToList();
            }
        }

        private static Employee CreateEmployee(Principal member)
        {
            if (member != null)
            {
                DirectoryEntry de = (member.GetUnderlyingObject() as DirectoryEntry);
                if (de != null)
                {

                    string mobile = de.Properties.Contains("mobile") ? de.Properties["mobile"][0].ToString() : "";
                    string title = de.Properties.Contains("description") ? de.Properties["description"][0].ToString() : "";

//ETC ETC...
                    return new Employee { etc.. };

                }

            }
            return new Employee();
        }

推荐答案

您的问题是您正在使用System.DirectoryServices.AccountManagement ...虽然我讨厌这么说,但这真是可惜. AccountManagement的工作方式是运行单独的LDAP查询以分别检索每个项目.因此,当您遍历成员时,它会通过LDAP为每个成员进行单独的回调.您要做的是使用System.DirectoryServices.DirectorySearcher运行LDAP查询.

Your problem is that you are using System.DirectoryServices.AccountManagement... While I hate saying it, it's sadly the truth. The way AccountManagement works under the hood is that it runs a seperate LDAP query to retrieve each item seperately. So when you iterate through members it's making a seperate call back through LDAP for each member. What you want to do instead is run an LDAP query using System.DirectoryServices.DirectorySearcher.

我的假设是,部门是一个小组,取决于您的使用方式.这就是我要怎么做. (我的代码在VB.Net中...对不起).确保获取您组的完全合格的DN,或者提前查找并将其插入查询中.

My assumption is that department is a group, based on how you are using it. Here is how I would do it. (my code is in VB.Net... sorry). Make sure to get the fully qualified DN for your group, or look it up in advance and plug it into the query.

Dim results = LDAPQuery("(memberOf=CN=Fully,OU=Qualified,DC=Group,DC=Distinguished,DC=Name)", New String() {"mobile", "description"})

Dim emps = (from c as System.DirectoryServices.SearchResult in results _
             Select New Employee() {.Name = c.Properties("description"), .Mobile = c.Properties("mobile")}).ToList()

Public Function LDAPQuery(ByVal query As String, ByVal attributes As String()) As SearchResultCollection
    'create directory searcher from CurrentADContext (no special security available)
    Dim ds As New DirectorySearcher(System.DirectoryServices.ActiveDirectory.Domain.GetCurrentDomain().GetDirectoryEntry())
    ds.PageSize = 1000

    'set filter string
    ds.Filter = query

    'specify properties to retrieve
    ds.PropertiesToLoad.AddRange(attributes)

    'get results
    Dim results As SearchResultCollection = ds.FindAll()

    Return results
End Function

这篇关于从AD获取用户详细信息的速度很慢的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-05 15:51