如何使用>在Ldap服务器上进行分页搜索使用Novell.Directory.Ldap.NETStandard 10000个条目？ [英] How to do a paged search on an Ldap server with > 10000 entries using Novell.Directory.Ldap.NETStandard?

问题描述

这类似于如何在具有很多用户的Ldap服务器上进行页面搜索？，但是建议的解决方案对我们不起作用。

This is similar to How to do a paged search on an Ldap server with lots of users? but the suggested solution does not work for us.

我们使用Novell .Directory.Ldap.NETStandard库，我们需要从Active Directory中提取10000个以上的条目。我们使用LdapVirtualListControl来处理分页，但是该控件需要另一个控件：LdapSortControl。 Active Directory的默认排序限制为（10000），如果结果超过该限制，则会发送错误53（不愿意执行）。如果省略了检测最大结果错误，我们将改为得到LdapException：不可用的关键扩展名。

We use Novell.Directory.Ldap.NETStandard library and we need to fetch more than 10000 entries from an Active Directory. We use the LdapVirtualListControl to handle paging, but that control requires another control: LdapSortControl. Active Directory has an default limit for sorting (10000) and will send an error 53 (unwilling to perform) if the result exceeds that limit. If the "Detect max result error" is omitted, we will instead get a LdapException: 'Unavailable Critical Extension'.

        // Connection
        var ldapConn = new LdapConnection()
        {
            SecureSocketLayer = true,
        };
        ldapConn.UserDefinedServerCertValidationDelegate += (sender, certificate, chain, sslPolicyErrors) => true;
        ldapConn.Connect(host, 636);            
        ldapConn.Bind(username, password);


        var searchConstraints = (LdapSearchConstraints)ldapConn.SearchConstraints.Clone();
        int contentCount = 0, count = 0, startIndex = 1, pageSize = 1000;
        bool exit;

        do
        {
            // Add Virtual List Control
            searchConstraints.setControls(new List<LdapControl>
            {
                { new LdapVirtualListControl(startIndex, 0, pageSize - 1, contentCount) },
                { new LdapSortControl(new LdapSortKey[1] { new LdapSortKey("name") },true) }
            }.ToArray());

            // Perform search
            var searchResult = ldapConn.Search(container, scope, query, null, false, searchConstraints);

            // Get entries in page
            var inPageCount = 0;
            while (searchResult.hasMore())
            {

                // Detect max result error
                LdapSortResponse ldapControl = searchResult.ResponseControls?.OfType<LdapSortResponse>().FirstOrDefault();
                if (ldapControl != null && ldapControl.ResultCode == 53) throw new LdapResultLimitExceeded(string.Format("ActiveDirectory: Ldap result limit exceeded in {0}.", container));

                searchResult.next();
                inPageCount++;
            }

            // Check for more pages 
            var control = FindResponseControl(searchResult, ActiveDirectoryService.LDAP_SERVER_VIRTUAL_LIST_VIEW_OID);
            if (control != null)
            {
                var response = new LdapVirtualListResponse(control.ID, control.Critical, control.getValue());
                startIndex += pageSize;
                contentCount = response.ContentCount;
                if (count + pageSize > contentCount) count = contentCount; else count += inPageCount;
            }
            exit = control == null;
        } while (count < contentCount && contentCount > 0 && !exit);

我们应该如何处理超过10000个条目的搜索？

How should we handle search for more then 10000 entries?

推荐答案

如果只需要按顺序遍历结果集，则无需使用LVL。我建议使用简单页面结果控件（ https://stackoverflow.com/a/59747510/4700228 ）

In case you just need to iterate through the result set sequentially, you don't need to use LVL. I suggest using Simple Paged Results Control (https://stackoverflow.com/a/59747510/4700228)

这篇关于如何使用>在Ldap服务器上进行分页搜索使用Novell.Directory.Ldap.NETStandard 10000个条目？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！