使用Novell LDAP对.NET Core中的AD进行页面LDAP查询
[英]Page LDAP query against AD in .NET Core using Novell LDAP
问题描述
I am using the Novell LDAP library for making queries to an Active Directory from a .NET Code application. 
我正在使用Novell LDAP库从.NET代码应用程序向Active Directory进行查询。 Most of the queries succeed, but some return more than 1000 results, which the AD server refuses. 大多数查询都成功,但是有些查询返回了1000多个结果,AD服务器拒绝了该结果。 I therefore tried to find out how to page LDAP queries using Novell's library. 因此,我试图找出如何使用Novell的库对LDAP查询进行分页。 The solution I put together looks like 我放在一起的解决方案看起来像
public IEnumerable<LdapUser> GetUsers() {
this.Connect();
try {
var cntRead = 0; // Total users read.
int? cntTotal = null; // Users available.
var curPage = 0; // Current page.
var pageSize = this._config.LdapPageSize; // Users per page.
this.Bind();
this._logger.LogInformation("Searching LDAP users.");
do {
var constraints = new LdapSearchConstraints();
// The following has no effect:
//constraints.MaxResults = 10000;
// Commenting out the following succeeds until the 1000th entry.
constraints.setControls(GetListControl(curPage, pageSize));
var results = this._connection.Search(
this._config.LdapSearchBase,
this.LdapSearchScope,
this._config.LdapUsersFilter,
this.LdapUserProperties,
false,
constraints);
while (results.hasMore() && ((cntTotal == null) || (cntRead < cntTotal))) {
++cntRead;
LdapUser user = null;
try {
var result = results.next();
Debug.WriteLine($"Found user {result.DN}.");
user = new LdapUser() {
AccountName = result.getAttribute(this._config.LdapAccountAttribute)?.StringValue,
DisplayName = result.getAttribute(this._config.LdapDisplayNameAttribute)?.StringValue
};
} catch (LdapReferralException) {
continue;
}
yield return user;
}
++curPage;
cntTotal = GetTotalCount(results);
} while ((cntTotal != null) && (cntRead < cntTotal));
} finally {
this._connection.Disconnect();
}
}
and uses the following two helper methods: 并使用以下两种帮助方法:
private static LdapControl GetListControl(int page, int pageSize) {
Debug.Assert(page >= 0);
Debug.Assert(pageSize >= 0);
var index = page * pageSize + 1;
var before = 0;
var after = pageSize - 1;
var count = 0;
Debug.WriteLine($"LdapVirtualListControl({index}, {before}, {after}, {count}) = {before}:{after}:{index}:{count}");
return new LdapVirtualListControl(index, before, after, count);
}
private static int? GetTotalCount(LdapSearchResults results) {
Debug.Assert(results != null);
if (results.ResponseControls != null) {
var r = (from c in results.ResponseControls
let d = c as LdapVirtualListResponse
where (d != null)
select (LdapVirtualListResponse) c).SingleOrDefault();
if (r != null) {
return r.ContentCount;
}
}
return null;
}
Setting constraints.MaxResults does not seem to have an effect on the AD server. 设置constraints.MaxResults似乎对AD服务器没有影响。 If I do not set the LdapVirtualListControl , the retrieval succeeds until the 1000th entry was retrieved. 如果未设置LdapVirtualListControl ,则检索成功,直到检索到第1000个条目为止。
If I use the LdapVirtualListControl , the operation fails at the first call to results.next() with the following exception: 如果我使用LdapVirtualListControl ,则操作在第一次调用LdapVirtualListControl results.next()时失败,但以下情况除外:
System.Collections.Generic.KeyNotFoundException: The given key '76' was not present in the dictionary.
at System.Collections.Generic.Dictionary`2.get_Item(TKey key)
at Novell.Directory.Ldap.Utilclass.ResourcesHandler.getResultString(Int32 code, CultureInfo locale)
at Novell.Directory.Ldap.LdapResponse.get_ResultException()
at Novell.Directory.Ldap.LdapResponse.chkResultCode()
at Novell.Directory.Ldap.LdapSearchResults.next()
The code at https://github.com/dsbenghe/Novell.Directory.Ldap.NETStandard/blob/master/src/Novell.Directory.Ldap.NETStandard/Utilclass/ResultCodeMessages.cs suggests that this is just a follow-up error and the real problem is that the call fails with error code 76, which I do not know what it is. https://github.com/dsbenghe/Novell.Directory.Ldap.NETStandard/blob/master/src/Novell.Directory.Ldap.NETStandard/Utilclass/ResultCodeMessages.cs上的代码表明这只是一个后续错误真正的问题是调用失败并显示错误代码76,我不知道它是什么。 I therefore think that I am missing something in my query. 因此,我认为我在查询中丢失了一些内容。 What is wrong there? 那里怎么了
1 个解决方案
解决方案1
1 已采纳 2019-03-17 15:56:39
I fixed it - in case someone else runs into this: 我已修复-以防其他人遇到此问题:
After some Internet research, I found on https://ldap.com/ldap-result-code-reference-other-server-side-result-codes/#rc-virtualListViewError what error code 76 means and that the LdapVirtualListResponse contains more information. 经过一些互联网研究,我在https://ldap.com/ldap-result-code-reference-other-server-side-result-codes/#rc-virtualListViewError中发现了错误代码76的含义,并且LdapVirtualListResponse包含更多信息。 In my case, the error was https://ldap.com/ldap-result-code-reference-other-server-side-result-codes/#rc-sortControlMissing - so it seems that a sort control is required for paging. 就我而言,错误是https://ldap.com/ldap-result-code-reference-other-server-side-result-codes/#rc-sortControlMissing-因此看来分页需要排序控件。 In order to fix it, I added 为了修复它,我添加了
constraints.setControls(new[] {
new LdapSortControl(new LdapSortKey("cn"), true),
GetListControl(curPage, pageSize)
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.