我期待能拉动当前OU的从Active Directory的名单我一直在寻找一些例如code网上的某个时候,但Ø似乎并没有能够得到这个工作。
I am looking to be able to pull a list of current OU's from Active Directory I have been looking at some example code online for sometime, but O don't seem to be able to get this to work.
string defaultNamingContext;
DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value.ToString();
DirectorySearcher ouSearch = new DirectorySearcher(rootDSE, "(objectClass=organizationalUnit)",
null, SearchScope.Subtree);
MessageBox.Show(rootDSE.ToString());
try
{
SearchResultCollection collectedResult = ouSearch.FindAll();
foreach (SearchResult temp in collectedResult)
{
comboBox1.Items.Add(temp.Properties["name"][0]);
DirectoryEntry ou = temp.GetDirectoryEntry();
}
我得到的错误是有供应商不支持搜索,不能搜索LDAP:// RootDSE的任何想法? 每个这些返回的搜索结果我想将它们添加到组合框。 (不要太用力)
The error I get is There provider does not support searching and cannot search LDAP://RootDSE Any Ideas? for each of those returned search results I want to add them to a combo box. (shouldn't be too hard)
您不能搜索的 LDAP:// RootDSE的
的水平 - 这只是一个信息的地址与一些东西。它并没有真正重新present任何位置在目录中。您需要绑定到默认命名上下文第一:
You cannot search on the LDAP://RootDSE
level - that's just an "informational" address with some stuff. It doesn't really represent any location in your directory. You need to bind to the default naming context first:
string defaultNamingContext;
DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value.ToString();
DirectoryEntry default = new DirectoryEntry("LDAP://" + defaultNamingContext);
DirectorySearcher ouSearch = new DirectorySearcher(default,
"(objectClass=organizationalUnit)",
null, SearchScope.Subtree);
一旦你这样做,你应该确定找到的所有OU在你的域名。
Once you do that, you should be OK to find all OU's in your domain.
另外,为了加快速度,我会建议不使用搜索对象类
- 该属性是的没有的索引中的AD。使用 objectCategory属性
代替,这是索引:
And in order to speed things up, I would recommend not searching using objectClass
- that property is not indexed in AD. Use objectCategory
instead, which is indexed:
DirectorySearcher ouSearch = new DirectorySearcher(default,
"(objectCategory=Organizational-Unit)",
null, SearchScope.Subtree);
更新:
我发现这个过滤器是错误的 - 尽管 objectCategory属性
显示为 CN =组织单位,.....
在 ADSI的浏览器,你需要指定 objectCategory属性=组织单位
中寻找它的成功:
UPDATE:
I discovered this filter is wrong - even though the objectCategory
is shown as CN=Organizational-Unit,.....
in the ADSI browser, you need to specify objectCategory=organizationalUnit
in the search for it to succeed:
DirectorySearcher ouSearch = new DirectorySearcher(default,
"(objectCategory=organizationalUnit)",
null, SearchScope.Subtree);