在AD中使用登录名进行搜索 [英] Search with logon name in AD

问题描述

您好，

我想在此请求中根据他的登录名

Hello,
I would like to search someone based on his logon name

sAMAccountname

搜索某人：

Dim objUser = GetObject("LDAP://194.7.23.169/cn=" + CUID + ",OU=Users,OU=Operations,OU=Orange,DC=qconsulting,DC=local"

我尝试了什么：



我试图用sAMAccountname替换cn，sn ，...

What I have tried:

I tried to replace cn by sAMAccountname, sn, ...

推荐答案

好的，GetObject并不适合这个。这需要更多的代码才能正常工作。



首先，你的代码是硬编码搜索的目录路径，因为你的代码根本没有真正进行任何搜索。它还硬编码要使用的IP。这很糟糕因为如果该服务器关闭或IP更改，您的搜索将失败。此外，如果目录路径发生变化，则必须更改代码以适应目录中的更改。



这可以通过一种简单的方法轻松解决：

OK, GetObject isn't really appropriate for this. This requires quite a bit more code to work properly.

First, your code is hard-coding the directory path to "search", as your code doesn't really do any searching at all. It also hard-codes the IP to use. That's bad because if that server is down or the IP changes, your search is going to fail. Also, if the directory path changes at all, your code has to be changed to accommodate the changes in the directory.

That is easily solved with a simple method:

Function GetDefaultNamingContext() As String
    Dim rootDse As New DirectoryEntry("LDAP://rootDSE")

    Dim domainDn = rootDse.Properties("DefaultNamingContext").Value.ToString

    Return domainDn
End Function

现在，需要一种方法来搜索AD用户对象的samAccountName。这比单行代码要复杂得多：

Now, need a method to search for an AD User object by its samAccountName. That's quite a bit more complicated than a single line of code:

Function GetAdObjectForSamAccount(ByVal samAccountName As String)
    ' Validate we have something to search for.
    If [String].IsNullOrEmpty(samAccountName) Then
        Throw New ArgumentNullException(samAccountName)
    End If

    ' Get the directory context to search.
    Dim context As String = GetDefaultNamingContext()

    ' Setup a search for a samAccountName.
    ' First, point to the directory to search.
    Using directory As New DirectoryEntry(

LDAP：// { context}）
' 创建一个搜索器为我们完成工作。
使用搜索器作为 新 DirectorySearcher（目录，

"LDAP://{context}") ' Create a Searcher to do the work for us. Using searcher As New DirectorySearcher(directory,

samAccountName = {samAccountName}）
' 搜索目录的整个子树，因为
' 用户可以真正存储在树中的任何位置。
searcher.SearchScope = SearchScope.Subtree

' 这将存储搜索结果
Dim 结果作为 SearchResult

' < span class =code-comment>这将是DirectoryEntry对象我们
' return，如果有的话。
Dim returnObject As DirectoryEntry = 没什么

' 在diroectory中搜索我们想要的对象。
result = searcher.FindOne

' 检查是否找到了对象结果。
如果结果 IsNot Nothing 然后
' 抓取找到的对象的DirectoryEntry对象。
returnObject = result.GetDirectoryEntry
结束 如果

' 将我们发现的任何内容返回给调用者。
返回 returnObject
结束 使用
结束 < span class =code-keyword>使用
结束 功能

"samAccountName={samAccountName}") ' Search the entire subtree of the directory because ' Users can really be stored anywhere in a tree. searcher.SearchScope = SearchScope.Subtree ' This will store the result of the search Dim result As SearchResult ' This is going to be the DirectoryEntry object we ' return, if any. Dim returnObject As DirectoryEntry = Nothing ' Search the diroectory for the object we want. result = searcher.FindOne ' Check if an object result was found. If result IsNot Nothing Then ' Grab the DirectoryEntry object for the found object. returnObject = result.GetDirectoryEntry End If ' Return whatever we found back to the caller. Return returnObject End Using End Using End Function

为什么这样做？因为您可以从其他人那里调用此方法，所有这些方法都可能以某种方式使用User对象，但方式不同。这些方法中的每一个都可以使用此方法仅基于samAccountName为它们获取User对象。



例如，返回特定samAccountName的DisplayName的方法或者你称之为登录名。

Why do this? Because you can call this method from others that all might work with a User object somehow, but in different ways. Each of those methods can use this method to grab a User object for them just based on the samAccountName.

For example, a method to return the DisplayName for a particular samAccountName, or what you're calling the "logon name".

Function GetDisplayNameForSamAccount(ByVal samAccountName As String) As String
    ' Validate we have something to search for.
    If [String].IsNullOrEmpty(samAccountName) Then
        Throw New ArgumentNullException(samAccountName)
    End If

    Dim displayName As String = String.Empty
    Dim adObject As DirectoryEntry = GetAdObjectForSamAccount(samAccountName)

    If adObject IsNot Nothing Then
        displayName = adObject.Properties("DisplayName")(0).ToString
    End If

    Return displayName
End Function

拨打此电话并获取您正在寻找的全名非常简单：

And to call this and get the full name you're looking for is really easy:

Dim name As String = GetDisplayNameForSamAccount("BCNF0167")

Console.WriteLine(

这篇关于在AD中使用登录名进行搜索的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！