System.DirectoryServices很慢?
[英]System.DirectoryServices is slow?
问题描述
I'm using the code below to look up information in active directory when a user logs on to a website. 
当用户登录网站时,我正在使用以下代码在Active Directory中查找信息。 Running against a local domain it's very quick, but running over a VPN to a remote trusted domain, it's very slow (takes around 7 or 8 seconds). 对本地域运行它非常快,但是通过VPN运行到远程可信域,它非常慢(需要大约7或8秒)。 Running dsa.msc from the same box to the remote domain is almost as quick as running it locally. 将dsa.msc从同一个盒子运行到远程域几乎和在本地运行它一样快。
I'm using property filtering to retrieve the minimum amount of data possible, so is there something inherently slow about System.DirectoryServices in this scenario, or does anyone have any hints on how to improve the performance? 我正在使用属性过滤来检索可能的最小数据量,因此在这种情况下System.DirectoryServices是否存在某些内在缓慢的问题,或者是否有人对如何提高性能有任何提示?
The network connection across the VPN is fine, it's only this code that runs slowly. 通过VPN的网络连接很好,只有这个代码运行缓慢。
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.DirectoryServices;
namespace ConsoleApplication1
{
class Program
{
static void Main(string[] args)
{
using (var LDAPConnection = new DirectoryEntry("LDAP://domain/dc=domain,dc=com", "username", "password"))
{
LDAPConnection.AuthenticationType = AuthenticationTypes.Secure;
using (DirectorySearcher Searcher = new DirectorySearcher(LDAPConnection))
{
Searcher.Filter = "(&(&(objectclass=user)(objectcategory=person))sAMAccountName=username)";
Searcher.PropertiesToLoad.Add("mail");
SearchResult result = Searcher.FindOne(); //this line takes ages!
string EmailAddress = result.Properties["mail"][0].ToString();
Console.WriteLine(EmailAddress);
}
}
}
}
}
2 个解决方案
解决方案1
5 已采纳 2009-12-04 12:22:11
Another suggestion is to use System.DirectoryServices.Protocols directly; 另一个建议是直接使用System.DirectoryServices.Protocols ; you code will look like: 你的代码看起来像:
string filter = "(&(&(objectclass=user)(objectcategory=person))" +
"sAMAccountName=username)";
NetworkCredential credentials = new NetworkCredential(...);
LdapDirectoryIdentifier directoryIdentifier =
new LdapDirectoryIdentifier("server", 389, false, false);
using (LdapConnection connection =
new LdapConnection(directoryIdentifier, credentials, AuthType.Basic))
{
connection.Timeout = new TimeSpan(0, 0, 30);
connection.SessionOptions.ProtocolVersion = 3;
SearchRequest search =
new SearchRequest(query, filter, SearchScope.Base, "mail");
SearchResponse response = connection.SendRequest(search) as SearchResponse;
foreach(SearchResultEntry entry in response.Entries)
{
Console.WriteLine(entry.Attributes["mail"][0]);
}
}
解决方案2
1 2009-12-04 12:06:01
I have never tried the scenario you are describing (connecting over VPN to Active Directory) but the line you marked is the line that causes the connection to be opened. 我从未尝试过您描述的场景(通过VPN连接到Active Directory),但您标记的线路是导致连接打开的线路。 You are not connected to the server before calling FindOne. 在调用FindOne之前,您没有连接到服务器。 My guess is that establishing the connection lasts 7-8 secs. 我的猜测是建立连接持续7-8秒。
If you cannot find exact answer on stackoverflow try this forum: http://directoryprogramming.net/forums/default.aspx (I'm not saying that stackoverflow is not helpful, but I found some answers to my ad/ldap questions on DirectoryProgramming.net forum). 如果你无法在stackoverflow上找到确切的答案,试试这个论坛: http : //directoryprogramming.net/forums/default.aspx (我不是说stackoverflow没有帮助,但我在DirectoryProgramming上找到了我的ad / ldap问题的一些答案.net论坛)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.