Active Directory LDAP查询结果始终缺少已知存在的属性 [英] Active Directory LDAP query result always missing attributes that are known to exist
问题描述
这是我当前遇到的一个问题,用户配置文件具有属性'EmployeeID',该属性在使用
This is a problem Im currently stumped on, a user profile has an attribute 'EmployeeID' that appears when viewing that user with AD Explorer, so data exists, eg value of 12345. Now when I pull that user profile via LDAP, using a tool like Apache Studio, most attributes are returned, but not all, eg EmployeeID. I've experienced the same thing in other LDAP client apps. So the problem appears specific to an LDAP client versus 'API' calls.
在所有情况下都使用相同的凭据,因此这不是权限问题...
The same credentials were used in all cases, so its not a permissions issue...
以前有没有人看到过此消息,或者是否有线索了解如何通过LDAP来访问该属性?
Has anyone seen this before or have a clue as to how to enable access to that attribute via LDAP?
推荐答案
我遇到了类似的问题-我的LDAP查询未返回我期望看到的所有属性.缺少属性,这些属性会显示在AD资源管理器中.我的问题是我错误地绑定到全局目录(即,在查询中使用GC:别名而不是LDAP :). GC查询旨在快速进行,因此全局编录仅包含AD对象的部分属性集.切换到LDAP:绰号而不是GC:解决了我的问题,返回了以前缺少的属性.
I encountered a similar problem - my LDAP query was not returning all of the properties I was expecting to see. Properites were missing which would show up in AD Explorer. My problem was that I was mistakenly binding to the global catalog (ie. using the GC: moniker instead of LDAP:, in my query). GC queries are intended to be fast, so the global catalog only includes a partial set of properties for AD objects. Switching to the LDAP: moniker instead of GC: resolved my issue, returning the properties that had previously been missing.
有关更多信息:
这篇关于Active Directory LDAP查询结果始终缺少已知存在的属性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
