Warning: file_get_contents(/data/phpspider/zhask/data//catemap/6/xamarin/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
C# 从Active Directory中的特定组和OU检索用户_C#_Active Directory - Fatal编程技术网
Fatal编程技术网
  • csharp/
  • C# 从Active Directory中的特定组和OU检索用户

C# 从Active Directory中的特定组和OU检索用户

c# active-directory

C# 从Active Directory中的特定组和OU检索用户,c#,active-directory,C#,Active Directory,我想从Active Directory中的特定OU检索给定组中的所有用户。我的代码抛出一个异常 操作已中止,因为超出了客户端超时限制 我在 foreach (SearchResultEntry entry in searchResponse.Entries) 我的组名是Arya,OU名是TestOU 但是,当我将过滤器编写为 string searchFilter = "(&(objectCategory=user)" 它工作并返回所有OU的用户,我想这是我不想要的 bool bM

我想从Active Directory中的特定OU检索给定组中的所有用户。我的代码抛出一个异常

操作已中止,因为超出了客户端超时限制

我在

foreach (SearchResultEntry entry in searchResponse.Entries)
我的组名是
Arya
,OU名是
TestOU

但是,当我将过滤器编写为

string searchFilter = "(&(objectCategory=user)"
它工作并返回所有OU的用户,我想这是我不想要的

bool bMoreData = false;

DirectoryEntry rootDSE = new DirectoryEntry("LDAP://" + domain);
string[] attributes = { "samaccountname", "displayname", "name", "initials" };

System.Net.NetworkCredential credential = new System.Net.NetworkCredential(admin, password, "IP address");

LdapDirectoryIdentifier directoryIdentifier = new LdapDirectoryIdentifier("ip address"); //389 (unsecured LDAP)
LdapConnection connection = new LdapConnection(directoryIdentifier, credential);
connection.Bind();

string searchFilter = "(&(objectCategory=user)(memberOf=cn=Arya,ou=TestOU,dc=Maintenance,dc=org))";
SearchRequest request = new SearchRequest("DC=Maintenance,DC=org", searchFilter, System.DirectoryServices.Protocols.SearchScope.Base, attributes);
// getCookie();

DirSyncRequestControl dirSyncRC = new DirSyncRequestControl(cookie, System.DirectoryServices.Protocols.DirectorySynchronizationOptions.IncrementalValues, Int32.MaxValue);
request.Controls.Add(dirSyncRC);

SearchResponse searchResponse = (SearchResponse)connection.SendRequest(request);

foreach (SearchResultEntry entry in searchResponse.Entries)// Exception thrown here
{
    Console.WriteLine("{0}:{1}",
    searchResponse.Entries.IndexOf(entry),
    entry.DistinguishedName);
}

foreach (DirectoryControl control in searchResponse.Controls)
{
    if (control is DirSyncResponseControl)
    {
        DirSyncResponseControl dsrc = control as DirSyncResponseControl;
        cookie = dsrc.Cookie;
        bMoreData = dsrc.MoreData;
        break;
    }
}
您可以为您的OU绑定到
PrincipalContext
,然后找到您要查找的组:

// create your domain context - bind to the OU you're interested in
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain, null, "OU=TestOU"))
{
   // define a "query-by-example" principal - here, we search for any GroupPrincipal 
   GroupPrincipal group = ctx.FindByIdentity("Arya");

   // if group is found - enumerate its members
   if(group != null) 
   {
       foreach(var found in group.GetMembers())
       {
            // 
       }
   }
}
如果您还没有阅读过MSDN文章(可从Microsoft下载
.CHM
文件-MSDN杂志2008年1月号),这篇文章很好地展示了如何充分利用
System.DirectoryServices.AccountManagement
中的新功能。或者查看名称空间。

我发现下面这行有问题

DirSyncRequestControl dirSyncRC = new DirSyncRequestControl(cookie, System.DirectoryServices.Protocols.DirectorySynchronizationOptions.IncrementalValues, Int32.MaxValue);
当我用它代替它时,它对我起作用了

DirSyncRequestControl dirSyncRC = new DirSyncRequestControl(cookie, System.DirectoryServices.Protocols.DirectorySynchronizationOptions.ObjectSecurity, Int32.MaxValue);
您使用这个非常低级的LDAP接口有什么特别的原因吗?我有一个本地数据库,需要与AD服务器同步,在api create cookie之上,这样它就不会获取下一个未修改的记录。我找到了上述解决方案,并采取了行动。我想通过使用过滤器来实现这一点