directoryservices

问题 How do I limit the attributes that are returned in an LDAP query through System.DirectoryServices? I have been using a DirectorySearcher and adding the properties that I want to DirectorySearcher.PropertiesToLoad. The problem is that this just makes sure that the added properties are included in the DirectoryEntry.Properties as well as some default list. Is there any way to specify the only properties that you want returned? DirectoryEntry base = new DiectoryEntry(rootPath, null, null,

问题 Is there a way in AD Query syntax, to find an OU's full path by searching on its partial path? For example, the full path to my OU is: OU=Clerks,OU=OfficeA,OU=Administration,DC=domain,DC=local Now, I'd like to try and search and find that object by using the partial path: OU=Clerks,OU=OfficeA I'd like to be able to search something like: (&(objectCategory=organizationalUnit)(path=Clerks/OfficeA*)) I can't find any syntax examples of how to accomplish something like this. A program I'm

问题 I'm seeing an initial delay of 2-5 seconds between the time that I execute DirectorySearcher FindOne() and the first network packet I see go out to the LDAP server. After the initial execution, subsequent executions complete instantly for about 45 seconds. After that period of fast executions, the next execution will be delayed and again all subsequent executions will complete instantly. It seems like there's some sort of caching going on but I haven't been able to find any resources

问题 I want to get the last modified or created attributes via the uSNChanged value in ActiveDirectory using C# ... I was also trying to find the max value of uSNChanged , can you help me to find out the solution? Thanks 回答1: There are two ways to retrieve the uSNChanged property via .NET: Include a reference to a COM library: "Active DS Type Library", then you need to use the IADsLargeInterger to retrieve the value and finally convert it to a long . For example: IADsLargeInteger li_ad =

问题 I want to get the last modified or created attributes via the uSNChanged value in ActiveDirectory using C# ... I was also trying to find the max value of uSNChanged , can you help me to find out the solution? Thanks 回答1: There are two ways to retrieve the uSNChanged property via .NET: Include a reference to a COM library: "Active DS Type Library", then you need to use the IADsLargeInterger to retrieve the value and finally convert it to a long . For example: IADsLargeInteger li_ad =

问题 I am looking to be able to pull a list of current OU's from Active Directory I have been looking at some example code online for sometime, but O don't seem to be able to get this to work. string defaultNamingContext; DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE"); defaultNamingContext = rootDSE.Properties["defaultNamingContext"].Value.ToString(); DirectorySearcher ouSearch = new DirectorySearcher(rootDSE, "(objectClass=organizationalUnit)", null, SearchScope.Subtree);

问题 On a Vista dev machine I used this code successfully to change user "Administrator" password: directoryEntry.Invoke("SetPassword", "new"); When I moved it over to my Server 2008 dev machine that code did not work, and I was forced to use the following code: directoryEntry.Invoke("ChangePassword", new object[] { "old", "new" }); My question is, why? For both cases, I created my DirectoryEntry object as such: DirectoryEntry directoryEntry = new DirectoryEntry(string.Format("WinNT://{0}/{1}",

问题 Can't find anything in the MSDN documentation on this. I.e. is it enough to do, say: using(PrincipalSearcher searcher = ...) { foreach (var principal in searcher.FindAll()) { ... do something ... } // The PrincipalSearchResult<T> returned by searcher.FindAll is disposed here } which is what most examples I've seen do, or should I do: using(PrincipalSearcher searcher = ...) { foreach(var principal in searcher.FindAll()) { using (principal) { // ... do something ... } } } The latter (explicitly

问题 I'm currently trying to authenticate via Active Directory Services using the PrincipalContext class. I would like to have my application authenticate to the Domain using Sealed and SSL contexts. In order to do this, I have to use the following constructor of PrincipalContext (link to MSDN page): public PrincipalContext( ContextType contextType, string name, string container, ContextOptions options ) Specifically, I'm using the constructor as so: PrincipalContext domainContext = new

问题 I'm trying to use the .NET 3.5 System.DirectoryServices.AccountManagement namespace to validate user credentials against our Active Directory LDAP server over an SSL encrypted LDAP connection . Here's the sample code: using (var pc = new PrincipalContext(ContextType.Domain, "sd.example.com:389", "DC=sd,DC=example,DC=com", ContextOptions.Negotiate)) { return pc.ValidateCredentials(_username, _password); } This code works fine over unsecured LDAP (port 389), however I'd rather not transmit a