C# 具有MemberOf属性的LDAP DirectorySearcher
我想查找某个OU中属于某个组的所有用户,因此我的筛选器如下所示: (&(objectClass=user)(memberOf=*OU=something,OU=yep,DC=dev,DC=local))
有没有办法在memberOf属性上使用通配符运行DirectorySearcher?
不要指定memberOf子句,只需使用“(objectClass=user)”作为筛选器。
您需要将要搜索的OU设置为DirectorySearcher的根目录:
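// Bind to the OU that acts as the search root. The ADsPath needs the "LDAP://" provider
// prefix; a bare distinguished name is not a valid path and fails when the entry is bound.
// No credentials are passed, so the bind runs under the identity of the calling process.
DirectoryEntry myOU = new DirectoryEntry("LDAP://OU=something,OU=yep,DC=dev,DC=local");
DirectorySearcher srch = new DirectorySearcher(myOU);
// Subtree covers the OU itself and every container below it.
// Both objects wrap directory connections; dispose them once the search is finished.
srch.SearchScope = SearchScope.Subtree;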
然后只使用 (objectCategory=person) 作为筛选器——我会使用objectCategory,它是单值且已建立索引的,因此速度很快,而不是objectClass(它是多值的,没有索引)。注意:objectCategory=person 也会匹配联系人(contact)对象;如果只需要用户账户,可再加上 (objectClass=user)。
如果除了位于该OU之内以外,还希望检查用户是否属于某个组,则可以将其作为“与”(AND)条件的一部分添加到筛选器中:
// AND of two conditions: the object is a person and it lists the given group in memberOf.
// memberOf holds direct memberships only; users who belong to the group through a nested
// group are not matched by this filter.
// The group DN is a literal here. If it is ever built from external input, escape the value
// per RFC 4515 before placing it in the filter, otherwise the input can alter the query.
const string personInGroupFilter = "(&(objectCategory=person)(memberOf=cn=Group,ou=yep,dc=dev,dc=local))";
srch.Filter = personInGroupFilter;
不完全确定通配符-一般来说,LDAP搜索筛选器确实支持通配符,但我对在RDN中使用通配符(如此处的组DN)有点犹豫
正如Marc所说,Active Directory不支持对DN进行通配符搜索。以下是我的做法:
<COMPANYLDAP> 是LDAP服务器名称
<Group Name> 是您需要其成员的组
// Bind directly to the group object; <COMPANYLDAP> and <Group Name> are placeholders.
var groupEntry = new DirectoryEntry("LDAP://<COMPANYLDAP>/CN=<Group Name>,OU=something,OU=yep,DC=dev,DC=local");
var groupSearcher = new DirectorySearcher(groupEntry);
// No filter is set, so the searcher's default filter applies. FindOne returns null when
// nothing is found, and that null is passed straight on to GetProperty.
SearchResult groupResult = groupSearcher.FindOne();
// NOTE(review): Active Directory returns very large multi-valued attributes in ranges, so
// "member" may be incomplete for big groups - confirm whether range retrieval is needed.
GetProperty(groupResult, "member");
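/// <summary>
/// Reads every value of <paramref name="PropertyName"/> from the search result, binds to
/// each value as a distinguished name, and writes one "displayname,mail" line per resolved
/// entry to c:\Users.txt.
/// </summary>
/// <param name="searchResult">Search result holding the multi-valued attribute.</param>
/// <param name="PropertyName">Name of the attribute whose values are distinguished names, e.g. "member".</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="searchResult"/> is null, which is what FindOne returns when nothing matched.
/// </exception>
public static void GetProperty(SearchResult searchResult, string PropertyName)
{
    if (searchResult == null)
    {
        throw new System.ArgumentNullException("searchResult");
    }

    StringBuilder strb = new StringBuilder();
    if (searchResult.Properties.Contains(PropertyName))
    {
        ResultPropertyValueCollection rc = searchResult.Properties[PropertyName];
        foreach (string name in rc)
        {
            // "/" separates the components of an ADsPath, so a slash inside the DN has to
            // be escaped or the bind resolves the wrong path.
            string memberPath = "LDAP://<COMPANYLDAP>/" + name.Replace("/", "\\/");

            // Both objects hold directory connections; release them on every iteration.
            using (DirectoryEntry entry = new DirectoryEntry(memberPath))
            using (DirectorySearcher Dsearch = new DirectorySearcher(entry))
            {
                SearchResult sResultSet = Dsearch.FindOne();
                if (sResultSet == null)
                {
                    // The member could not be resolved (removed, or not readable by this identity).
                    continue;
                }

                // NOTE(review): the values are written unquoted. A display name containing a
                // comma shifts the columns, and a value starting with '=', '+', '-' or '@' is
                // evaluated as a formula when the file is opened in a spreadsheet. Quote or
                // sanitise the fields if the file is consumed as CSV.
                strb.AppendLine(GetPropertyvalue(sResultSet, "displayname") + "," + GetPropertyvalue(sResultSet, "mail"));
            }
        }
    }

    // File.WriteAllText takes (path, contents); the original call passed them the other way round.
    File.WriteAllText("c:\\Users.txt", strb.ToString());
}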
DirectoryEntry=newdirectoryentry(“LDAP:///CN=,OU=something,OU=yesp,DC=dev,DC=local”);
DirectorySearch Dsearch=新的DirectorySearch(条目);
SearchResult sResultSet=Dsearch.FindOne();
GetProperty(sResultSet,“成员”);
公共静态void GetProperty(SearchResult SearchResult,string PropertyName)
{
StringBuilder strb=新的StringBuilder();
if(searchResult.Properties.Contains(PropertyName))
{
ResultPropertyValueCollection rc=searchResult.Properties[PropertyName];
foreach(rc中的字符串名称)
{
DirectoryEntry=新的DirectoryEntry(“LDAP://”+名称);
DirectorySearch Dsearch=新的DirectorySearch(条目);
//Dsearch.Filter=名称;
SearchResult sResultSet=Dsearch.FindOne();
strb.AppendLine(GetPropertyvalue(sResultSet,“displayname”)+,“+GetPropertyvalue(sResultSet,“mail”));
}
}
File.WriteAllText(strb.ToString(),“c:\\Users.txt”);
}
// Bind directly to the group object; <COMPANYLDAP> and <Group Name> are placeholders.
var groupEntry = new DirectoryEntry("LDAP://<COMPANYLDAP>/CN=<Group Name>,OU=something,OU=yep,DC=dev,DC=local");
var groupSearcher = new DirectorySearcher(groupEntry);
// No filter is set, so the searcher's default filter applies. FindOne returns null when
// nothing is found, and that null is passed straight on to GetProperty.
SearchResult groupResult = groupSearcher.FindOne();
// NOTE(review): Active Directory returns very large multi-valued attributes in ranges, so
// "member" may be incomplete for big groups - confirm whether range retrieval is needed.
GetProperty(groupResult, "member");
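/// <summary>
/// Reads every value of <paramref name="PropertyName"/> from the search result, binds to
/// each value as a distinguished name, and writes one "displayname,mail" line per resolved
/// entry to c:\Users.txt.
/// </summary>
/// <param name="searchResult">Search result holding the multi-valued attribute.</param>
/// <param name="PropertyName">Name of the attribute whose values are distinguished names, e.g. "member".</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="searchResult"/> is null, which is what FindOne returns when nothing matched.
/// </exception>
public static void GetProperty(SearchResult searchResult, string PropertyName)
{
    if (searchResult == null)
    {
        throw new System.ArgumentNullException("searchResult");
    }

    StringBuilder strb = new StringBuilder();
    if (searchResult.Properties.Contains(PropertyName))
    {
        ResultPropertyValueCollection rc = searchResult.Properties[PropertyName];
        foreach (string name in rc)
        {
            // "/" separates the components of an ADsPath, so a slash inside the DN has to
            // be escaped or the bind resolves the wrong path.
            string memberPath = "LDAP://<COMPANYLDAP>/" + name.Replace("/", "\\/");

            // Both objects hold directory connections; release them on every iteration.
            using (DirectoryEntry entry = new DirectoryEntry(memberPath))
            using (DirectorySearcher Dsearch = new DirectorySearcher(entry))
            {
                SearchResult sResultSet = Dsearch.FindOne();
                if (sResultSet == null)
                {
                    // The member could not be resolved (removed, or not readable by this identity).
                    continue;
                }

                // NOTE(review): the values are written unquoted. A display name containing a
                // comma shifts the columns, and a value starting with '=', '+', '-' or '@' is
                // evaluated as a formula when the file is opened in a spreadsheet. Quote or
                // sanitise the fields if the file is consumed as CSV.
                strb.AppendLine(GetPropertyvalue(sResultSet, "displayname") + "," + GetPropertyvalue(sResultSet, "mail"));
            }
        }
    }

    // File.WriteAllText takes (path, contents); the original call passed them the other way round.
    File.WriteAllText("c:\\Users.txt", strb.ToString());
}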