英文:
How to get user by it's objectGUID from Active Directory by using Novell.Directory.Ldap.NETstandard?
问题
我正在编写一个.NET Core应用程序。该应用程序使用"Novell.Directory.Ldap.NETStandard" v3.6.0与Windows上的Active Directory进行连接。我试图使用objectGUID检索条目,但没有可用的基本搜索,这意味着我需要在整个目录中搜索。以下是我正在使用的代码示例。
string ldapHost = "ldap.example.com";
int ldapPort = 389;
string ldapUser = "cn=admin,dc=example,dc=com";
string ldapPassword = "password";
string searchBase = ""; // 设置为null/空以从根目录搜索
string[] _attributes = { "objectGUID", "objectCategory", "objectClass" };
// 使用objectGUID属性和GUID值构造搜索过滤器
string searchFilter = "(objectGUID=3EBCE0D7-89A1-41A5-9AFD-71C2A8BEC408)";
LdapConnection ldapConnection = new LdapConnection();
ldapConnection.Connect(ldapHost, ldapPort);
ldapConnection.Bind(ldapUser, ldapPassword);
LdapSearchConstraints searchConstraints = new LdapSearchConstraints();
searchConstraints.ReferralFollowing = true;
LdapSearchResults searchResults;
try
{
searchResults = (LdapSearchResults)ldapConnection.Search(
searchBase,
LdapConnection.ScopeSub,
searchFilter,
_attributes,
false,
searchConstraints);
}
catch (LdapException ex)
{
Console.WriteLine("Search operation failed: " + ex.Message);
ldapConnection.Disconnect();
return;
}
if (searchResults.HasMore())
{
LdapEntry entry = searchResults.Next();
string distinguishedName = entry.Dn;
Console.WriteLine("Entry Found: " + distinguishedName);
}
else
{
Console.WriteLine("Entry not found.");
}
ldapConnection.Disconnect();
请注意,searchBase
设置为 string.Empty
以在整个目录中搜索。当代码运行时,连接建立正常,但在 searchResults.Next()
上收到以下异常:
'No Such Object'
请帮助我在没有可用搜索基础的情况下使用objectGUID从Active Directory中查找条目。感谢。
英文:
I am writing a .NET Core application. The application is using "Novell.Directory.Ldap.NETStandard" v3.6.0 to connect with Active Directory on Windows. I am trying to fetch an entry using objectGUID but there is no base search available which means I need to search in the whole directory. Below is the code sample i am using.
string ldapHost = "ldap.example.com";
int ldapPort = 389;
string ldapUser = "cn=admin,dc=example,dc=com";
string ldapPassword = "password";
string searchBase = ""; // Set to null/empty to search from the root
string[] _attributes = { "objectGUID", "objectCategory", "objectClass" };
// Construct the search filter with the objectGUID attribute and the GUID value
string searchFilter = "(objectGUID=3EBCE0D7-89A1-41A5-9AFD-71C2A8BEC408)";
LdapConnection ldapConnection = new LdapConnection();
ldapConnection.Connect(ldapHost, ldapPort);
ldapConnection.Bind(ldapUser, ldapPassword);
LdapSearchConstraints searchConstraints = new LdapSearchConstraints();
searchConstraints.ReferralFollowing = true;
LdapSearchResults searchResults;
try
{
searchResults = (LdapSearchResults)ldapConnection.Search(
searchBase,
LdapConnection.ScopeSub,
searchFilter,
_attributes,
false,
searchConstraints);
}
catch (LdapException ex)
{
Console.WriteLine("Search operation failed: " + ex.Message);
ldapConnection.Disconnect();
return;
}
if (searchResults.HasMore())
{
LdapEntry entry = searchResults.Next();
string distinguishedName = entry.Dn;
Console.WriteLine("Entry Found: " + distinguishedName);
}
else
{
Console.WriteLine("Entry not found.");
}
ldapConnection.Disconnect();
Please note the searchBase
is passed with string.Empty
to search in the whole directory. When the code runs the connection establishes fine and gets below exception on searchResults.Next()
> 'No Such Object'
Please help me to find an entry from an active directory by using objectGUID where no search base is available.
Thanks.
答案1
得分: 2
Active Directory 允许您使用以下格式直接绑定到对象的 GUID:<GUID=XXXXX>
所以我认为您可以将搜索基础设置为该格式,并将搜索范围设置为ScopeBase
,像这样:
searchResults = (LdapSearchResults)ldapConnection.Search(
"<GUID=3EBCE0D7-89A1-41A5-9AFD-71C2A8BEC408>",
LdapConnection.ScopeBase,
"",
_attributes,
false,
searchConstraints);
我只在 Microsoft 的 DirectoryEntry
中使用过这种方法 - 对于 Novell 库,我没有经验,所以可能需要一些调整来使其工作。
英文:
Active Directory allows you to bind directly to an object by the GUID using this format: <GUID=XXXXX>
So I believe you can set the search base to that and set the search scope to ScopeBase
, like this:
searchResults = (LdapSearchResults)ldapConnection.Search(
"<GUID=3EBCE0D7-89A1-41A5-9AFD-71C2A8BEC408>",
LdapConnection.ScopeBase,
"",
_attributes,
false,
searchConstraints);
I've only done this with Microsoft's DirectoryEntry
- I have no experience with the Novell library, so this might need some tweaks to get it to work.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论