当我运行这个查询时
// Next row is used to login to AD
DirectoryEntry entry = GetEntry(domain, adminUser, adminPassword);
// Here starts the query
DirectorySearcher search = new DirectorySearcher(entry)
{
SearchScope = SearchScope.Subtree,
Filter = "(&" +
"(objectClass=user)" +
// "(distinguishedname=*OU=Ingegneria*)" +
"(givenname=s*)" +
"(samaccountname=*100)" +
")"
};
search.PropertiesToLoad.Add("distinguishedname");
SearchResultCollection result = search.FindAll();
我得到了六个条目,这是正确的.
所有记录,如果我使用 record.GetDirectoryEntry()
有
I get six entries and that's correct.
All records, if I use record.GetDirectoryEntry()
have
distinguishedname: CN=xxx,OU=Utenti,OU=Ingegneria,DC=xxx,DC=xxx
无论如何,如果我删除对过滤器 distinguishedname
部分的评论,我会得到零个条目!!
我也尝试使用 search.PropertiesToLoad.Add("distinguishedname");
没有运气.
如何在过滤器中搜索 distinguishedname
?
Anyway if I remove comment on distinguishedname
part of the filter, I get zero entries!!
I also tried to use search.PropertiesToLoad.Add("distinguishedname");
without luck.
How can I search distinguishedname
in filter?
更新:
如果我尝试在 filter 中使用 "(distinguishedname=*)" +
,我仍然得到六条记录,所以我想我可以搜索专有名称...
更新2:
我还尝试在 使用指向 OU 的部分路径在 Active Directory 中搜索 OU:
UPDATE:
If I try to use "(distinguishedname=*)" +
in filter , I still get six records, so I think I can search on distinguishedname...
UPDATE2:
I also tried to use code in Search Active Directory for an OU using a partial path to the OU:
Filter = "(&(objectClass=user)(ou=Ingegneria))";
但是我有零个条目(如果我删除 (objectClass=user)
部分,我会得到两个)
but I have zero entries (I got two if I remove (objectClass=user)
part)
如果你只想查询那个,那么你应该在你的初始连接中绑定到那个容器:
If you want to query just that then you should bind to that container in your initial connect:
// Next row is used to login to AD
string ldapPath = "LDAP://OU=Ingegneria,DC=xxx,DC=xxx";
DirectoryEntry searchRoot = GetEntry(ldapPath, adminUser, adminPassword);
// Here starts the query
DirectorySearcher search = new DirectorySearcher(searchRoot)
{
SearchScope = SearchScope.Subtree,
Filter = "(&" +
"(objectClass=user)" +
"(givenname=s*)" +
"(samaccountname=*100)" +
")"
};
search.PropertiesToLoad.Add("distinguishedname");
SearchResultCollection result = search.FindAll();
这样,您还可以大幅减少 AD 中需要搜索的空间,从而加快搜索速度.
That way, you also massively reduce the space in AD that needs to be searched, thus speeding up your search.
如果您使用 .NET 3.5 或更新版本,您可以使用 PrincipalSearcher
和query-by-example"主体进行搜索:
And if you're using .NET 3.5 or newer, you can use a PrincipalSearcher
and a "query-by-example" principal to do your searching:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "YOURDOMAIN", "OU=Ingegneria,DC=xxx,DC=xxx");
// define a "query-by-example" principal - here, we search for a UserPrincipal
UserPrincipal qbeUser = new UserPrincipal(ctx);
qbeUser.GivenName = "s*";
qbeUser.SamAccountName = "*100";
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);
// find all matches
foreach(var found in srch.FindAll())
{
// do whatever here - "found" is of type "Principal"
UserPrincipal userFound = found as UserPrincipal;
if(userFound != null)
{
// do something with your user principal here....
}
}
如果您还没有 - 绝对阅读 MSDN 文章管理目录安全主体在 .NET Framework 3.5 中很好地展示了如何充分利用 System.DirectoryServices.AccountManagement
If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement
这篇关于目录搜索器过滤器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!