System.DirectoryServices.Protocol搜索问题

Question

I'm trying to re write a search from System.DirectoryServices to System.DirectoryServices.Protocol

In S.DS I get all the requested attributes back, but in S.DS.P, I don't get the GUID, or the HomePhone...

The rest of it works for one user.

Any Ideas?

public static List<AllAdStudentsCV> GetUsersDistinguishedName( string domain, string distinguishedName )
        {
            try
            {

                NetworkCredential credentials               = new NetworkCredential( ConfigurationManager.AppSettings[ "AD_User" ], ConfigurationManager.AppSettings[ "AD_Pass" ] ); 
                LdapDirectoryIdentifier directoryIdentifier = new LdapDirectoryIdentifier( domain+":389" ); 

                using ( LdapConnection connection           = new LdapConnection( directoryIdentifier, credentials ) )
                {

                    SearchRequest searchRequest = new SearchRequest( );
                    searchRequest.DistinguishedName = distinguishedName;
                    searchRequest.Filter = "(&(objectCategory=person)(objectClass=user)(sn=Afcan))";//"(&(objectClass=user))";
                    searchRequest.Scope = SearchScope.Subtree;
                    searchRequest.Attributes.Add("name");
                    searchRequest.Attributes.Add("sAMAccountName");
                    searchRequest.Attributes.Add("uid");
                    searchRequest.Attributes.Add("telexNumber"); // studId
                    searchRequest.Attributes.Add("HomePhone"); //ctrId
                    searchRequest.SizeLimit = Int32.MaxValue;
                    searchRequest.TimeLimit = new TimeSpan(0, 0, 45, 0);// 45 min - EWB

                    SearchResponse searchResponse = connection.SendRequest(searchRequest) as SearchResponse;

                    if (searchResponse == null) return null;

                    List<AllAdStudentsCV> users = new List<AllAdStudentsCV>();

                    foreach (SearchResultEntry entry in searchResponse.Entries)
                    {
                        AllAdStudentsCV user = new AllAdStudentsCV();

                        user.Active = "Y";
                        user.CenterName = "";
                        user.StudId = GetstringAttributeValue(entry.Attributes, "telexNumber");
                        user.CtrId = GetstringAttributeValue(entry.Attributes, "HomePhone");
                        user.Guid = GetstringAttributeValue(entry.Attributes, "uid");
                        user.Username = GetstringAttributeValue(entry.Attributes, "sAMAccountName");

                        users.Add(user);
                    }

                    return users;
                }
            }
            catch (Exception ex)
            {
                throw;
            }
        }

Also, if I want to fetch EVERY user in AD, so I can synch data with my SQL DB, how do I do that, I Kept getting max size exceeded, errors. I set the size to maxInt32... is there an "ignore size" option?

Thanks,

Eric-

Answer 1

I think that the standard way is to use System.DirectoryServices, not System.DirectoryServices.Protocol. Why do you want to user the later ?

Concerning your second question about the error message "max sized exceeded", it may be because you try to fetch too many entries at once.
Active Directory limits the number of objects returned by query, in order to not overload the directory (the limit is something like 1000 objects). The standard way to fetch all the users is using paging searchs.

The algorithm is like this:

1. You construct the query that will fetch all the users
2. You specify a specific control (Paged Result Control) in this query indicating that this is a paged search, with 500 users per page
3. You launch the query, fetch the first page and parse the first 500 entries in that page
4. You ask AD for the next page, parse the next 500 entries
5. Repeat until there are no pages left