[英]Could not query AD without distinguished name in SearchRequest?
I am running a test Active directory and am trying to query with ldap.我正在运行一个测试活动目录并尝试使用 ldap 进行查询。 I created a searchrequest object with distingueshed name empty and a filter this is throwing noSuchObject error code with "object does not exist" message.
我创建了一个搜索请求 object,其可分辨名称为空,过滤器抛出 noSuchObject 错误代码并显示“对象不存在”消息。 I am only getting this from my test AD, if I use my company's production AD I am not getting exception, just a response with no hit.
我只是从我的测试广告中得到这个,如果我使用我公司的生产广告,我没有得到异常,只是没有命中的响应。 What do I need to change in my test AD to see similar behaviour?
我需要在我的测试广告中进行哪些更改才能看到类似的行为?
You can use a PrincipalSearcher
and a "query-by-example" principal to do your searching:您可以使用
PrincipalSearcher
和“示例查询”主体进行搜索:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// define a "query-by-example" principal - here, we search for a UserPrincipal
// and with specified last name (surname)
UserPrincipal qbeUser = new UserPrincipal(ctx);
qbeUser.Surname = "Willis";
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);
// find all matches
foreach(var found in srch.FindAll())
{
// do whatever here - "found" is of type "Principal" - it could be user, group, computer.....
}
If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement
如果您还没有 - 绝对阅读 MSDN 文章在 .NET 框架 3.5 中管理目录安全主体,它很好地展示了如何充分利用
System.DirectoryServices.AccountManagement
中的新功能
Of course, depending on your need, you might want to specify other properties on that "query-by-example" user principal you create:当然,根据您的需要,您可能希望在您创建的“示例查询”用户主体上指定其他属性:
Surname
(or last name) Surname
(或姓氏)DisplayName
(typically: first name + space + last name) DisplayName
(通常:名字 + 空格 + 姓氏)SAM Account Name
- your Windows/AD account name SAM Account Name
- 您的 Windows/AD 帐户名称User Principal Name
- your "username@yourcompany.com" style name User Principal Name
- 您的“username@yourcompany.com”样式名称You can specify any of the properties on the UserPrincipal
and use those as "query-by-example" for your PrincipalSearcher
.您可以在
UserPrincipal
上指定任何属性,并将这些属性用作PrincipalSearcher
的“示例查询”。
@marc_s answered by giving you a way of searching @marc_s 通过给你一种搜索方式来回答
Back to your question, just a recall:回到你的问题,回想一下:
A LDAP search is A LDAP 搜索是
In you case it works when your ADSI layer is able to find a default Domain.在您的情况下,当您的 ADSI 层能够找到默认域时,它就可以工作。 So I think that you have to create a real LDAP-SEARCH request en perhaps also give credentials.
所以我认为你必须创建一个真正的 LDAP-SEARCH 请求,也许还需要提供凭据。
Thanks for the other answers.感谢其他答案。 I solved my problem by using GC port 3268 instead of DC port 389 in the connection.
我通过在连接中使用 GC 端口 3268 而不是 DC 端口 389 解决了我的问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.