堆栈内存溢出
  简体   繁体   English

无法从 Active Directory 读取所有用户 - [DirectoryServicesCOMException] MoveNext()

[英]Cannot read all users from Active Directory - [DirectoryServicesCOMException] MoveNext()

 原文  2020-06-05 10:02:43       c#/ .net/ active-directory/ directoryservices/ directorysearcher

问题描述

My team is using a program written in C# to read all users from a specific OU.我的团队正在使用用 C# 编写的程序来读取特定 OU 中的所有用户。 The program behaves very strange.该程序的行为非常奇怪。 Sometimes it is working for a couple of weeks and then without any big changes on our AD or any other related component, it throws an exception.有时它工作了几个星期,然后我们的 AD 或任何其他相关组件没有任何大的变化,它就会引发异常。 Then it is not working for a couple of weeks and after some time it start to run normally again.然后它不工作了几个星期,一段时间后它又开始正常运行。

Code代码

    DirectoryEntry searchRoot = new DirectoryEntry("<LDAP string>")

    searchRoot.AuthenticationType = AuthenticationTypes.None;
    DirectorySearcher search = new DirectorySearcher(searchRoot);

    search.Filter = <our filter>;
    search.PropertiesToLoad.Add("<some property>");
    search.PageSize = 1;

    SearchResult result;
    SearchResultCollection resultCol = null;

    try
    {
      resultCol = search.FindAll();
    }
    catch (Exception ex)
    {
      Console.WriteLine(ex.ToString());
    }

    if (resultCol != null)
    {
      Console.WriteLine("Result Count: " + resultCol.Count); //.Count throws the Exception
    }

Exception例外

    Unhandled Exception: System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred.

      at System.DirectoryServices.SearchResultCollection.ResultsEnumerator.MoveNext()
      at System.DirectoryServices.SearchResultCollection.get_InnerList()
      at System.DirectoryServices.SearchResultCollection.get_Count()

Data: System.Collections.ListDictionaryInternal
Error Code: -2147016672
Extended Error: 8431
Extended Error Message: 000020EF: SvcErr: DSID-020A07A7, problem 5012 (DIR_ERROR), data -1018
HResult: -2147016672
Message: An operations error occured.
Source: System.DirectoryServices
Stack Trace: at System.DirectoryServices.SearchResultCollection.ResultsEnumerator.MoveNext()
Target Site: Boolean MoveNext()

Additional Information附加信息

  • Target Framework: .Net Framework 4.6.1 (no additional libraries)目标框架:.Net Framework 4.6.1(无附加库)
  • The program is executed on a domain controller该程序在域 controller 上执行

What I have tried我试过的

  • I have created a loop to use the MoveNext() function of the enumerator and found out that it loads results up to a specific element and then crashes我创建了一个循环来使用枚举器的 MoveNext() function 并发现它将结果加载到特定元素然后崩溃
  • It is always the same element它总是相同的元素
  • After the first exception all retries fail as well在第一个异常之后,所有重试也都失败了
  • The user that starts it is a domain admin (but I have also tried it with an enterprise admin account, so it is probably not a permission issue)启动它的用户是域管理员(但我也用企业管理员帐户尝试过,所以它可能不是权限问题)
  • I have deleted the user that should be read when the exception happens but dring the next run the exception was thrown for a previous user我已经删除了发生异常时应该读取的用户,但是在下一次运行时,为以前的用户引发了异常

I have come to a point, where I have no more ideas on solving this problem.我已经到了一个点,我对解决这个问题没有更多的想法。 I would appreciate all your support.感谢您的支持。

1 个解决方案

解决方案1
 0 已采纳  2020-06-05 14:05:05

This answer just summarizes our conversation in comments.这个答案只是在评论中总结了我们的对话。

This thread partially matches the error you are getting: 该线程部分匹配您收到的错误:

problem 5012 (DIR_ERROR) data -1018

And the answer from a Microsoft MVP is:来自 Microsoft MVP 的答案是:

That is a checksum error in the database, you have corruption in your database which is usually due to a failing disk or disk subsystem or possibly a system crash and data not being written from a write cache.这是数据库中的校验和错误,您的数据库中存在损坏,这通常是由于磁盘或磁盘子系统发生故障,或者可能是系统崩溃以及未从写入缓存写入数据。

So it sounds like you might have the same thing going on.所以听起来你可能有同样的事情发生。

But it may only be one DC that has the problem.但可能只有一个 DC 有问题。 So to help you narrow down which one, you can specify the DC in the LDAP path like so:因此,为了帮助您缩小范围,您可以在 LDAP 路径中指定 DC,如下所示:

LDAP://dc1.example.com/OU=Target,OU=My User Group,OU=My Users,DC=example,DC=com

This can help you in two ways:这可以通过两种方式帮助您:

  1. It can identify the bad DC so you know which one you need to fix (and possibly take it offline until it is fixed), and它可以识别坏 DC,以便您知道需要修复哪个 DC(并可能在修复之前将其离线),并且
  2. You can specifically target a good DC so your script will keep working.您可以专门针对一个好的 DC,以便您的脚本继续工作。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从Active目录中读取已删除的用户 - Read deleted users from Active directory UserPrincipal对象,Active Directory查询:DirectoryServicesCOMException - UserPrincipal Object, Active Directory Query: DirectoryServicesCOMException 如何从 Active Directory 中检索所有用户? - How to retrieve all users from Active Directory? 从Active Directory PrincipalContext获取所有用户 - Getting all users from Active Directory PrincipalContext 从Active Directory中的组中获取所有用户 - get all users from a group in Active Directory 从Active Directory组获取所有用户 - Get all users from Active Directory group 从活动目录访问所有用户 - Access all users from active directory 为什么DirectoryServicesCOMException从Web服务器以外的机器查询Active Directory? - Why does DirectoryServicesCOMException occur querying Active Directory from a machine other than the web server? 尝试访问活动目录时出现DirectoryServicesCOMException(0x80072030) - DirectoryServicesCOMException (0x80072030) when trying to access active directory 将所有用户从活动目录绑定到ListView控件? - bind all users from active directory to listview control?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM