[英]Get Global Catalog for a given LDAP server
首先是問題,稍后是解釋: 如何獲得給定LDAP服務器的GC服務器?
為了理解我的需求,讓我解釋一下:
我必須擴展Henning Krause的ExchangeAddressListService (我不確定是否應該/可以將Henning的所有代碼都放到這篇文章中嗎?)以獲得有用的調試輸出:
private DirectoryEntry GetDirectoryEntry(string path, string protocol)
{
var ldapPath = string.IsNullOrEmpty(path) ? string.Format("{0}:", protocol) : string.Format("{0}://{1}", protocol, path);
dbg.Add("Getting DirectoryEntry for path " + ldapPath);
return new DirectoryEntry(ldapPath);
}
public ActiveDirectoryConnection(Debug dbg)
{
this.dbg = dbg;
}
並允許選擇某個域:
internal AddressList(string path, ActiveDirectoryConnection connection, string domain)
{
_Path = path;
_Connection = connection;
_Domain = domain;
}
...
private IEnumerable<AddressList> GetAddressLists(string containerName)
{
string exchangeRootPath;
using (var root = _Connection.GetLdapDirectoryEntry(_Domain+"/RootDSE"))
...
foreach (SearchResult addressBook in searchResultCollection)
{
yield return
new AddressList((string)addressBook.Properties["distinguishedName"][0], _Connection, _Domain);
}
...
}
現在我對域有問題,因為似乎對於某些域SOMEDOMAIN ,無法通過GC://SOMEDOMAIN訪問全局目錄。 這是我使用的代碼:
var domain = User.Identity.Name.Split('\\')[0]; // SOMEDOMAIN\SomeUser -> Domain is SOMEDOMAIN
dbg.Add("User NETBIOS domain is "+domain);
AddressListService addressListService = new ExchangeAddressListService(connection,domain);
IEnumerable<AddressList> addressLists = addressListService.GetGlobalAddressLists();
AddressList addressList = addressLists.First()
try {
IEnumerable<SearchResult> searchResults = addressList.GetMembers("displayName", "distinguishedname", "mail")
} catch(Exception e) {
dbg.Add("Error in GetMembers: "+e.Message);
return new AjaxAnswer(dbg.Flush());
}
它產生錯誤日志:
User NETBIOS domain is SOMEDOMAIN
Getting DirectoryEntry for path LDAP://SOMEDOMAIN/RootDSE
Getting DirectoryEntry for path LDAP://CN=Microsoft Exchange, CN=Services, CN=Configuration,DC=somedomain,DC=net
Getting DirectoryEntry for path LDAP://CN=All Global Address Lists,CN=Address Lists Container, CN=MYMAIL,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=somedomain,DC=net
Getting DirectoryEntry for path LDAP://CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=MYMAIL,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=somedomain,DC=net
Getting DirectoryEntry for path GC://SOMEDOMAIN
Error in GetMembers: The server is not operational.
並非所有DC都是GC。 因此,如果SOMEDOMAIN不是GC, GC://SOMEDOMAIN可能會失敗。
在我的項目中,我使用DsGetDcName Win32函數來發現GC。
DsGetDcName函數的詳細信息:
http://msdn.microsoft.com/en-us/library/ms675983%28v=vs.85%29.aspx
請參閱以下有關如何撥通呼叫的電話:
http://www.pinvoke.net/default.aspx/netapi32.dsgetdcname
據我所知System.DirectoryServices.ActiveDirectory還提供了用於處理GC的類。
例如Forest.GlobalCatalogs
我已經使用了DsGetDcName函數,所以以前從未嘗試過。
獲取PrincipalContext的連接服務器以獲取全局編錄
[英]Get the connected server of a PrincipalContext for global catalog
在C#中確定給定LDAP服務器詳細信息的用戶的用戶組/聲明
[英]Determine usergroups/claims of user given LDAP server details in C#
嘗試連接 LDAP 服務器並得到“識別名包含無效語法”
[英]Try to connect LDAP server and get “The distinguished name contains invalid syntax”
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.