从 AD 获取经理的员工



我想根据某位经理的 DN 获取其下属员工的列表。假设登录用户是一名经理:

1) 使用 sAMAccountName(即域 ID)在 Active Directory 中搜索该经理,并检索其 distinguishedName

2) 在 Active Directory 中搜索 "manager" 属性等于先前检索到的 distinguishedName 的所有用户对象

但是,我的目录条目集合总是空的。以下是我所做的,假设给定了用户/经理的DN。

/// <summary>
/// Asker's original attempt: searches for directory objects whose "manager"
/// attribute equals <paramref name="sDN"/> and returns them as DirectoryEntry objects.
/// </summary>
/// <param name="sDN">Distinguished name of the manager.</param>
/// <returns>The matching entries; as the question reports, this version always comes back empty.</returns>
private static List<DirectoryEntry> GetUserDEByManagerDN(string sDN)
{
    var matches = new List<DirectoryEntry>();
    string basePath = ConfigurationManager.AppSettings["ADPath"].ToString();

    // The search root is the manager's own object (base path + "/" + DN), not a
    // container that holds the users. Per the resolution further down the page,
    // this is one reason no result is ever returned.
    var managerRoot = new DirectoryEntry(basePath + "/" + sDN);

    using (var searcher = new DirectorySearcher())
    {
        searcher.SearchRoot = managerRoot;

        // NOTE(review): sDN is concatenated into the filter as-is. The characters
        // \ * ( ) and NUL are filter syntax (RFC 4515) and need escaping before
        // the value is placed here, both for correctness and so that a crafted
        // value cannot change the meaning of the filter.
        searcher.Filter = "(&(manager=" + sDN + "))";
        //searcher.Filter = "(&(manager=" + sDN + ")(extensionAttribute14=INV))";

        // Base scope examines only the search root itself; the asker also tried Subtree.
        searcher.SearchScope = SearchScope.Base;

        SearchResultCollection found = searcher.FindAll();
        if (found == null)
        {
            return matches;
        }

        // The collection is non-null here but, as reported, has zero items.
        foreach (SearchResult hit in found)
        {
            DirectoryEntry entry = hit.GetDirectoryEntry();
            if (entry == null)
            {
                continue;
            }
            matches.Add(entry);
        }
    }

    return matches;
}

我还尝试用下面的方式对 DN 进行转义:

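// LDAP search-filter escaping (RFC 4515): each special character is replaced by a
// backslash followed by its two-digit hex code. The backslash is handled first so
// that the escapes added by the later replacements are not escaped a second time.
// String overloads are used because each replacement is longer than one char.
string sEscapedDN = sDN
    .Replace("\\", "\\5c")
    .Replace(")", "\\29")
    .Replace("(", "\\28")
    .Replace("*", "\\2a")
    .Replace("\0", "\\00");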

但仍然没有成功。感谢您的帮助。

根据 itsme86 关于把搜索根设置为包含所有用户的容器的建议,以及 Camilo Terevinto 关于从 AD 路径中去掉经理 DN 的具体建议,问题得到了解决。我还必须将搜索范围从 Base 更改为 Subtree。

以下是对我有效的方法:

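/// <summary>
/// Returns a DirectoryEntry for every object under the configured AD path whose
/// "manager" attribute equals the given distinguished name.
/// </summary>
/// <param name="sManagerDN">
/// Distinguished name of the manager. It should be the value read back from the
/// directory for the authenticated user, not a string taken directly from a request;
/// this method does not check that the caller is allowed to see the reports.
/// </param>
/// <returns>
/// The matching entries (possibly none). Each DirectoryEntry is bound to the
/// directory and must be disposed by the caller.
/// </returns>
/// <exception cref="System.ArgumentException">The DN is null or empty.</exception>
/// <exception cref="ConfigurationErrorsException">The "ADPath" app setting is missing.</exception>
private static List<DirectoryEntry> GetUserDEByManagerDN(string sManagerDN)
{
    if (string.IsNullOrEmpty(sManagerDN))
    {
        throw new System.ArgumentException("Manager DN must not be null or empty.", "sManagerDN");
    }

    string adPath = ConfigurationManager.AppSettings["ADPath"];
    if (adPath == null)
    {
        throw new ConfigurationErrorsException("The 'ADPath' app setting is missing.");
    }

    List<DirectoryEntry> lsUsers = new List<DirectoryEntry>();

    // The search root must be a container that holds the users. Rooting the search
    // at the manager's own object (adPath + "/" + sManagerDN) was one of the
    // original problems: nothing below that object can match.
    using (DirectoryEntry de = new DirectoryEntry(adPath))
    using (DirectorySearcher Search = new DirectorySearcher())
    {
        Search.SearchRoot = de;

        // The DN is escaped before it goes into the filter: \ * ( ) and NUL are
        // filter syntax, and an unescaped value could alter the filter or break it.
        // extensionAttribute14=INV excludes unusual "users" (fax, special accounts)
        // in the author's directory; other environments may not need that clause.
        Search.Filter = "(&(manager=" + EscapeLdapFilterValue(sManagerDN) + ")(extensionAttribute14=INV))";

        // Subtree is required: Base would examine only the search root itself.
        Search.SearchScope = SearchScope.Subtree;

        // SearchResultCollection holds unmanaged resources that are not released
        // by garbage collection, so it is disposed explicitly.
        using (SearchResultCollection Results = Search.FindAll())
        {
            foreach (SearchResult Result in Results)
            {
                DirectoryEntry deUser = Result.GetDirectoryEntry();
                if (deUser != null)
                {
                    lsUsers.Add(deUser);
                }
            }
        }
    }

    return lsUsers;
}

// Escapes a value for use inside an LDAP search filter (RFC 4515). The backslash
// is replaced first so the escapes added afterwards are not escaped again.
private static string EscapeLdapFilterValue(string value)
{
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}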
