[英]DirectorySearcher Filter
當我運行此查詢
// Next row is used to login to AD
DirectoryEntry entry = GetEntry(domain, adminUser, adminPassword);
// Here starts the query
DirectorySearcher search = new DirectorySearcher(entry)
{
SearchScope = SearchScope.Subtree,
Filter = "(&" +
"(objectClass=user)" +
// "(distinguishedname=*OU=Ingegneria*)" +
"(givenname=s*)" +
"(samaccountname=*100)" +
")"
};
search.PropertiesToLoad.Add("distinguishedname");
SearchResultCollection result = search.FindAll();
我得到六個條目,這是正確的。
如果我使用record.GetDirectoryEntry()
,則所有記錄都有
distinguishedname: CN=xxx,OU=Utenti,OU=Ingegneria,DC=xxx,DC=xxx
無論如何,如果我刪除過濾器的distinguishedname
部分的注釋,我將得到零條目!
我也嘗試使用search.PropertiesToLoad.Add("distinguishedname");
沒有運氣。
如何在過濾器中搜索distinguishedname
?
更新:
如果我嘗試在過濾器中使用"(distinguishedname=*)" +
,我仍然會得到6條記錄,所以我認為我可以搜索專有名稱...
UPDATE2:
我還嘗試使用OU的部分路徑為OU使用Search Active Directory中的代碼:
Filter = "(&(objectClass=user)(ou=Ingegneria))";
但我有零個條目(如果刪除(objectClass=user)
部分,則有兩個條目)
如果只想查詢,則應在初始連接中綁定到該容器:
// Next row is used to login to AD
string ldapPath = "LDAP://OU=Ingegneria,DC=xxx,DC=xxx";
DirectoryEntry searchRoot = GetEntry(ldapPath, adminUser, adminPassword);
// Here starts the query
DirectorySearcher search = new DirectorySearcher(searchRoot)
{
SearchScope = SearchScope.Subtree,
Filter = "(&" +
"(objectClass=user)" +
"(givenname=s*)" +
"(samaccountname=*100)" +
")"
};
search.PropertiesToLoad.Add("distinguishedname");
SearchResultCollection result = search.FindAll();
這樣,您還可以大大減少AD中需要搜索的空間,從而加快搜索速度。
如果使用的是.NET 3.5或更高版本,則可以使用PrincipalSearcher
和“按示例查詢”主體進行搜索:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "YOURDOMAIN", "OU=Ingegneria,DC=xxx,DC=xxx");
// define a "query-by-example" principal - here, we search for a UserPrincipal
UserPrincipal qbeUser = new UserPrincipal(ctx);
qbeUser.GivenName = "s*";
qbeUser.SamAccountName = "*100";
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);
// find all matches
foreach(var found in srch.FindAll())
{
// do whatever here - "found" is of type "Principal"
UserPrincipal userFound = found as UserPrincipal;
if(userFound != null)
{
// do something with your user principal here....
}
}
如果您還沒有,請絕對閱讀MSDN文章.NET Framework 3.5中的 “ 管理目錄安全性主體”,它很好地展示了如何充分利用System.DirectoryServices.AccountManagement
中的新功能。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.