Acquiring AD OU list

前端未结

关注

 1  865

长情又很酷 2021-01-03 03:03

I am looking to be able to pull a list of current OU\'s from Active Directory I have been looking at some example code online for sometime, but O don\'t seem to be able to g

1条回答

时光说笑 (楼主)

2021-01-03 03:42

You cannot search on the LDAP://RootDSE level - that's just an "informational" address with some stuff. It doesn't really represent any location in your directory. You need to bind to the default naming context first:

string defaultNamingContext;

DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value.ToString();

DirectoryEntry default = new DirectoryEntry("LDAP://" + defaultNamingContext);

DirectorySearcher ouSearch = new DirectorySearcher(default, 
                                     "(objectClass=organizationalUnit)", 
                                     null, SearchScope.Subtree);

Once you do that, you should be OK to find all OU's in your domain.

And in order to speed things up, I would recommend not searching using objectClass - that property is not indexed in AD. Use objectCategory instead, which is indexed:

DirectorySearcher ouSearch = new DirectorySearcher(default, 
                                     "(objectCategory=Organizational-Unit)", 
                                     null, SearchScope.Subtree);

UPDATE:
I discovered this filter is wrong - even though the objectCategory is shown as CN=Organizational-Unit,..... in the ADSI browser, you need to specify objectCategory=organizationalUnit in the search for it to succeed:

DirectorySearcher ouSearch = new DirectorySearcher(default, 
                                     "(objectCategory=organizationalUnit)", 
                                     null, SearchScope.Subtree);

0 讨论(0)