[英]UserPrincipal GetUnderlyingObject: properties missing
我试图加载属性physicalDeliveryOfficeName
从DirectoryEntry
它由UserPrincipal实例的GetUnderlyingObject方法返回:
DirectoryEntry directoryEntry = principal.GetUnderlyingObject() as DirectoryEntry;
这意味着以下语句返回false:
directoryEntry.Properties.Contains("physicalDeliveryOfficeName");
我知道可以通过在使用所述DirectorySearcher
时将名称添加到StringCollection
DirectorySearcher.PropertiesToLoad
来加载此属性。
我的问题是,为什么GetUnderlyingObject
方法返回的DirectoryEntry
不包含所有属性? 如何在不使用DirectorySearcher
情况下加载此属性?
访问DirectoryEntry的所有字段是一个可能缓慢而繁重的操作。 某些字段可能无法复制到所有域控制器,因此引入这些值可能需要访问远程且访问速度较慢的全局编录(GC)服务器。
一旦掌握了DirectoryEntry并且想要提取特定值,就可以调用RefreshCache
方法,并为其传递所需属性的名称。
使用RefreshCache :
UserPrincipal up = ...
using (DirectoryEntry de = up.GetUnderlyingObject() as DirectoryEntry)
{
foreach (var name in de.Properties.PropertyNames)
{
Console.WriteLine(name);
}
Console.WriteLine();
// The canonicalName attribute is operational (also called constructed).
// Active Directory does not actually save the value, but calculates it on demand. This is probably the issue. In ADSI we use the GetInfoEx
de.RefreshCache(new string[] { "canonicalName" });
var canonicalName = de.Properties["canonicalName"].Value as string;
}
PropertyNames :
objectClass
cn
sn
givenName
distinguishedName
instanceType
whenCreated
whenChanged
displayName
uSNCreated
memberOf
uSNChanged
nTSecurityDescriptor
name
objectGUID
userAccountControl
badPwdCount
codePage
countryCode
badPasswordTime
lastLogoff
lastLogon
pwdLastSet
primaryGroupID
objectSid
accountExpires
logonCount
sAMAccountName
sAMAccountType
userPrincipalName
objectCategory
dSCorePropagationData
lastLogonTimestamp
缺少canonicalName属性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.