问题描述
我正在尝试将 LDAP/AD 搜索从仅在当前登录的域中搜索扩展到搜索 AD 中的所有域.该方法接收带有查询的字符串,并返回并返回一个 LDAPInformation 对象.
I am attempting to expand a LDAP / AD search from only searching in the currently logged in domain to searching all domains in the AD. The method takes in the string with the query and returns and return an LDAPInformation object.
虽然我在问,有没有比这种方式更好的方法来搜索名称?由于在按姓氏查找人时需要使用通配符,因此用户不友好(例如:Doe*).
While I am asking, is there any better way to search for the name than in this way? It is user unfriendly due to needing to use wildcards if looking for a person by last name (example: Doe*).
public static LDAPInformation[] GetGlobalAddressListVIAName(string nameQuery)
{
var currentForest = Forest.GetCurrentForest();
var globalCatalog = currentForest.FindGlobalCatalog();
using (var searcher = globalCatalog.GetDirectorySearcher())
{
using (var entry = new DirectoryEntry(searcher.SearchRoot.Path))
{
searcher.Filter = "(&(mailnickname=*)(objectClass=user)(displayName=" + nameQuery + "))";
searcher.PropertyNamesOnly = true;
searcher.SearchScope = SearchScope.Subtree;
searcher.Sort.Direction = SortDirection.Ascending;
searcher.Sort.PropertyName = "displayName";
return searcher.FindAll().Cast<SearchResult>().Select(result => new LDAPInformation(result.GetDirectoryEntry())).ToArray();
}
}
}
这是对象:
class LDAPInformation
{
internal LDAPInformation(DirectoryEntry entry)
{
//Section: HASH
this.sAMAccountName = (string)entry.Properties["sAMAccountName"].Value;
//Section: Email
this.Mail = (string)entry.Properties["mail"].Value;
//Section: Organziation
this.Description = (string)entry.Properties["description"].Value;
this.Company = (string)entry.Properties["company"].Value;
this.Title = (string)entry.Properties["title"].Value;
this.Department = (string)entry.Properties["department"].Value;
//Section: Name
this.DisplayName = (string)entry.Properties["displayName"].Value;
this.FirstName = (string)entry.Properties["firstName"].Value;
this.MiddleName = (string)entry.Properties["middleName"].Value;
this.LastName = (string)entry.Properties["lastName"].Value;
//Section: Address
this.StreetAddress = (string)entry.Properties["streetAddress"].Value;
this.City = (string)entry.Properties["city"].Value;
this.State = (string)entry.Properties["state"].Value;
this.PostalCode = (string)entry.Properties["postalCode"].Value;
this.TelephoneNumber = (string)entry.Properties["telephoneNumber"].Value;
}
public string DisplayName
{
get;
private set;
}
public string Mail
{
get;
private set;
}
public string sAMAccountName
{
get;
private set;
}
public string Description
{
get;
private set;
}
public string Company
{
get;
private set;
}
public string Title
{
get;
private set;
}
public string Department
{
get;
private set;
}
public string FirstName
{
get;
private set;
}
public string MiddleName
{
get;
private set;
}
public string LastName
{
get;
private set;
}
public string StreetAddress
{
get;
private set;
}
public string City
{
get;
private set;
}
public string State
{
get;
private set;
}
public string PostalCode
{
get;
private set;
}
public string TelephoneNumber
{
get;
private set;
}
}
推荐答案
查询全局目录才是正确的做法.
Querying the global catalog is the correct approach.
您可能想要查看不明确的名称解析 (ANR) - http://support.microsoft.com/kb/243299.
You might want to look into Ambigous Name Resolution (ANR) - http://support.microsoft.com/kb/243299.
这篇关于如何使用 C# 更好地查询 Active Directory 中的多个域?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!