我们有几个呼叫中心每个都有自己的包含所有在该呼叫中心工作的代理Active Directory组。在那里，它是可能的呼叫中心拥有多个主管，所以我就一个人在我们的服务台设置这样的活动目录：

亚特兰大呼叫中心

然后：

亚特兰大呼叫中心 - 监事

和呼叫中心集团 managedBy 属性设置为主管的组。

目前我使用的监事组的完整的distinguishedName 进行查询。

我想只运行在管理员登录到获得组名称 managedBy 该主管的查询。在一个更好的方法的任何建议。其实我已经得到了网络管理员正在研究这个问题了。我想，他知道怎么做，但我已经输入了这一点，所以我明白你们说的。

这就是我们的网络管理员对这个问题刚才说。

在公元使用OU的属性是不处理的问题，如这是一个很好的做法。这个问题应该只通过组和用户进行处理。 OU中应该用于对象的逻辑组织为管理目的

  Label1.Text = getCallCenterGroup（CN = ******监事，OU =组，OU = *******，OU =位置，DC = * *****，DC =本地）;

保护字符串getCallCenterGroup（字符串用户）
{
        的DirectoryEntry searchRoot =新的DirectoryEntry（LDAP：// ******）;
        DirectorySearcher从搜索=新DirectorySearcher从（searchRoot）;

        sea​​rch.Filter =（managedBy =+用户+）;
        sea​​rch.PropertiesToLoad.Add（managedBy）;
        sea​​rch.PropertiesToLoad.Add（的distinguishedName）;
        sea​​rch.PropertiesToLoad.Add（CN）;

        SearchResultCollection组= search.FindAll（）;

        的foreach（在组信息搜索结果SR）
        {
            返回sr.Properties [CN] [0]的ToString（）;
        }

        返回null;
    }
 

解决方案

managedBy是一个链接的属性，这样你就可以查询它唯一的语法是要匹配的对象的DN。我不知道如果是这样的问题，如果我是误会，但。

在一个单独的线程，我真的不约不扩展的OU您的网络管理员同意，但是，这是一个单独的讨论。

We have several call centers each with has its own group in the Active Directory that contains all the agents working at that call center. There it is possible for the call center to have multiple supervisors so I got someone at our helpdesk to setup the active directory like this:

Atlanta Call Center

Then:

Atlanta Call Center - Supervisors

And the Call Center Group's managedBy attribute is set to the supervisor's group.

Currently I have to query it using the full distinguishedname of the supervisors group.

I would like to just run a query on the supervisor logged in to get the group name managedBy that supervisor. Any suggestions on a better approach. I've actually got the network admin looking into the issue now. I think he knows what to do but I already typed this out so I'll see what you guys say.

This is what our network admin just said on the issue.

Using a property of a OU in the AD is not a good practice for handling issue such as this. The issue should be handled via groups and users only. OUs should be used for logical organization of objects for management purposes.

Label1.Text = getCallCenterGroup("CN=******Supervisors,OU=Groups,OU=*******,OU=Locations,DC=******,DC=local");

protected string getCallCenterGroup(string user)
{
        DirectoryEntry searchRoot = new DirectoryEntry("LDAP://******");
        DirectorySearcher search = new DirectorySearcher(searchRoot);

        search.Filter = "(managedBy=" + user + ")";
        search.PropertiesToLoad.Add("managedBy");
        search.PropertiesToLoad.Add("distinguishedName");
        search.PropertiesToLoad.Add("cn");

        SearchResultCollection groups = search.FindAll();

        foreach (SearchResult sr in groups)
        {
            return sr.Properties["cn"][0].ToString();
        }

        return null;
    }

managedBy is a linked attribute so the only syntax you can query it with is the DN of the object you want to match on. I'm not sure if that was the question or if I'm misunderstanding, though.

On a seperate thread, I don't really agree with your network admin about not extending OUs, but, that's a seperate discussion.