I'm running into a problem where running a DirectorySearcher isn't always returning a result successfully. For instance, I'll send in my manager's GUID using the following method to convert the string (NativeGuid):
我遇到的问题是运行DirectorySearcher并不总是成功返回结果。例如,我将使用以下方法发送我的经理的GUID来转换字符串(NativeGuid):
public static string Guid2OctetString(string objectGuid)
{
System.Guid guid = new Guid(objectGuid);
byte[] byteGuid = guid.ToByteArray();
string queryGuid = "";
foreach (byte b in byteGuid)
{
queryGuid += @"\" + b.ToString("x2");
}
return queryGuid;
}
This supposedly converts the guid string into something usable by Active Directory. When I run my manager's NativeGuid through this, I get a result. But then in the next step of the application, I run one of the directReports' Guids through in the same way but get no results. The user DOES exist and I can get the entry if i pull the DirectoryEntry, but I don't want the full entry as it is too slow to process. I need to be able to narrow the fields using the DirectorySearcher to speed this thing up. Any ideas why I'm getting goose egg on the directory search on some users but not others?
这可能会将guid字符串转换为Active Directory可用的内容。当我通过这个运行我的经理的NativeGuid时,我得到一个结果。但是在应用程序的下一步中,我以相同的方式运行其中一个directReports的Guids,但没有得到任何结果。用户确实存在,如果我拉出DirectoryEntry,我可以获得条目,但我不想要完整的条目,因为它太慢而无法处理。我需要能够使用DirectorySearcher缩小字段以加快速度。任何想法为什么我在一些用户的目录搜索而不是其他用户的鹅蛋?
1 个解决方案
#1
1
If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:
如果您使用的是.NET 3.5及更高版本,则应查看System.DirectoryServices.AccountManagement(S.DS.AM)命名空间。在这里阅读所有相关内容:
- Managing Directory Security Principals in the .NET Framework 3.5
- MSDN docs on System.DirectoryServices.AccountManagement
管理.NET Framework 3.5中的目录安全性主体
System.DirectoryServices.AccountManagement上的MSDN文档
Basically, you can define a domain context and easily find users and/or groups in AD:
基本上,您可以定义域上下文并在AD中轻松查找用户和/或组:
// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, IdentityType.Guid, YourGuid.ToString());
if(user != null)
{
// do something here....
}
The new S.DS.AM makes it really easy to play around with users and groups in AD!
新的S.DS.AM使得在AD中与用户和群组玩起来非常容易!
#1
1
If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:
如果您使用的是.NET 3.5及更高版本,则应查看System.DirectoryServices.AccountManagement(S.DS.AM)命名空间。在这里阅读所有相关内容:
- Managing Directory Security Principals in the .NET Framework 3.5
- MSDN docs on System.DirectoryServices.AccountManagement
管理.NET Framework 3.5中的目录安全性主体
System.DirectoryServices.AccountManagement上的MSDN文档
Basically, you can define a domain context and easily find users and/or groups in AD:
基本上,您可以定义域上下文并在AD中轻松查找用户和/或组:
// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, IdentityType.Guid, YourGuid.ToString());
if(user != null)
{
// do something here....
}
The new S.DS.AM makes it really easy to play around with users and groups in AD!
新的S.DS.AM使得在AD中与用户和群组玩起来非常容易!