C# 找经理';广告公司的员工
我正试图得到一个经理的雇员名单,因为他的DN。 假设登录用户是管理员 1) 使用sAMAccountName(即域ID)在active directory中搜索管理器,并检索可识别的名称 2) 搜索active directory中“manager”属性等于先前检索到的DifferentizedName的所有用户对象 但是,我的目录项集合始终为空。假设给定了用户/经理的DN,下面是我所做的C# 找经理';广告公司的员工,c#,active-directory,distinguishedname,C#,Active Directory,Distinguishedname,我正试图得到一个经理的雇员名单,因为他的DN。 假设登录用户是管理员 1) 使用sAMAccountName(即域ID)在active directory中搜索管理器,并检索可识别的名称 2) 搜索active directory中“manager”属性等于先前检索到的DifferentizedName的所有用户对象 但是,我的目录项集合始终为空。假设给定了用户/经理的DN,下面是我所做的 private static List<DirectoryEntry> GetUserDEBy
private static List<DirectoryEntry> GetUserDEByManagerDN(string sDN)
{
string adPath = ConfigurationManager.AppSettings["ADPath"].ToString();
DirectoryEntry de = new DirectoryEntry(adPath + "/" + sDN);
List<DirectoryEntry> lsUsers = new List<DirectoryEntry>();
using (DirectorySearcher Search = new DirectorySearcher())
{
Search.SearchRoot = de;
Search.Filter = "(&(manager=" + sDN + "))";
//Search.Filter = "(&(manager=" + sDN + ")(extensionAttribute14=INV))";
Search.SearchScope = SearchScope.Base; // Also tried SearchScope.Subtree
SearchResultCollection Results = Search.FindAll();
if (null != Results) // Results is not null but has zero length
{
foreach (SearchResult Result in Results)
{
DirectoryEntry deUser = Result.GetDirectoryEntry();
if (null != deUser)
lsUsers.Add(deUser);
}
}
}
return lsUsers;
}
不走运。非常感谢您的帮助。根据itsme86关于设置包含所有用户的容器的建议,以及Camilo Terevinto关于从AD路径中删除manager的DN的具体建议,问题得到了解决。我还必须将搜索范围从基更改为子树 以下是对我有效的方法:
private static List<DirectoryEntry> GetUserDEByManagerDN(string sManagerDN)
{
string adPath = ConfigurationManager.AppSettings["ADPath"].ToString();
/* This was one of the issues */
//DirectoryEntry de = new DirectoryEntry(adPath + "/" + sManagerDN);
DirectoryEntry de = new DirectoryEntry(adPath);
List<DirectoryEntry> lsUsers = new List<DirectoryEntry>();
using (DirectorySearcher Search = new DirectorySearcher())
{
Search.SearchRoot = de;
/* I had to include extension attribute 14 to get rid of some unusual "users", like Fax, special accounts, etc. You might not need it
//Search.Filter = "(manager=" + sDN + ")";
Search.Filter = "(&(manager=" + sDN + ")(extensionAttribute14=INV))";
//Search.SearchScope = SearchScope.Base;
Search.SearchScope = SearchScope.Subtree;
SearchResultCollection Results = Search.FindAll();
if (null != Results)
{
foreach (SearchResult Result in Results)
{
DirectoryEntry deUser = Result.GetDirectoryEntry();
if (null != deUser)
lsUsers.Add(deUser);
}
}
}
return lsUsers;
}
私有静态列表getUserDebyManager(字符串smanagernd)
{
字符串adPath=ConfigurationManager.AppSettings[“adPath”].ToString();
/*这是问题之一*/
//DirectoryEntry de=新的DirectoryEntry(adPath+“/”+smanagernd);
DirectoryEntry de=新的DirectoryEntry(adPath);
List lsUsers=新列表();
使用(DirectorySearcher Search=new DirectorySearcher())
{
Search.SearchRoot=de;
/*我必须包括扩展属性14,以摆脱一些不寻常的“用户”,如传真、特殊帐户等。您可能不需要它
//Search.Filter=“(manager=“+sDN+””);
Search.Filter=“(&(manager=“+sDN+”)(extensionAttribute14=INV));
//Search.SearchScope=SearchScope.Base;
Search.SearchScope=SearchScope.Subtree;
SearchResultCollection Results=Search.FindAll();
if(null!=结果)
{
foreach(搜索结果中的搜索结果)
{
DirectoryEntry deUser=Result.GetDirectoryEntry();
如果(空!=deUser)
lsUsers.Add(deUser);
}
}
}
返回用户;
}
我会尝试删除过滤器,并确保传递给过滤器的值与至少一个结果的字段相对应。这听起来可能是您最初的de
太具体了。是否将其设置为包含所有用户的容器?搜索根目录必须是所有用户都可以在其中找到的内容。搜索的范围不会太广,以至于永远都无法搜索;搜索的范围也不会太窄,以至于忽略了您要查找的内容。除了@itsme86所提到的内容之外:用户肯定不是他们自己的经理。我猜你需要去掉用户名,只需使用newdirectoryentry(adPath)
Perfect!工作。我从AD路径中删除了用户的DN,并将搜索范围从基本更改为子树,并将所有60个用户都置于我正在测试的manager DN之下。现在,如果有人根据评论创建了一个答案,我会将其标记为答案。@NoBullMan-如果没有人回答,你可以自己写一个答案,引用评论员的归因。干杯:)谢谢,我不知道我能做到!很高兴我能帮助你哥哥。
private static List<DirectoryEntry> GetUserDEByManagerDN(string sManagerDN)
{
string adPath = ConfigurationManager.AppSettings["ADPath"].ToString();
/* This was one of the issues */
//DirectoryEntry de = new DirectoryEntry(adPath + "/" + sManagerDN);
DirectoryEntry de = new DirectoryEntry(adPath);
List<DirectoryEntry> lsUsers = new List<DirectoryEntry>();
using (DirectorySearcher Search = new DirectorySearcher())
{
Search.SearchRoot = de;
/* I had to include extension attribute 14 to get rid of some unusual "users", like Fax, special accounts, etc. You might not need it
//Search.Filter = "(manager=" + sDN + ")";
Search.Filter = "(&(manager=" + sDN + ")(extensionAttribute14=INV))";
//Search.SearchScope = SearchScope.Base;
Search.SearchScope = SearchScope.Subtree;
SearchResultCollection Results = Search.FindAll();
if (null != Results)
{
foreach (SearchResult Result in Results)
{
DirectoryEntry deUser = Result.GetDirectoryEntry();
if (null != deUser)
lsUsers.Add(deUser);
}
}
}
return lsUsers;
}