2012-06-12

Get all users from Active Directory?

I have the following code:

 DirectoryEntry directoryEntry = default(DirectoryEntry); 
     // Binding object. 
     DirectoryEntry objGroupEntry = default(DirectoryEntry); 
     // Group Results. 
     DirectorySearcher objSearchADAM = default(DirectorySearcher); 
     // Search object. 
     SearchResultCollection objSearchResults = default(SearchResultCollection); 
     // Binding path. 
     ActiveDirectory result = new ActiveDirectory(); 
     ActiveDirectoryItem treeNode; 

    string adServer = ADTestProject.Properties.Settings.Default.Server; 
    string adDomain = ADTestProject.Properties.Settings.Default.Domain; 
    string adUsername = ADTestProject.Properties.Settings.Default.AdiminUsername; 
    string password = ADTestProject.Properties.Settings.Default.Password; 

    string[] dc = adDomain.Split('.'); 

    string dcAdDomain = string.Empty; 

    foreach (string item in dc) 
    { 
     if (dc[dc.Length - 1].Equals(item)) 
      dcAdDomain = dcAdDomain + "DC=" + item; 
     else 
      dcAdDomain = dcAdDomain + "DC=" + item + ","; 
    } 

    // Get the AD LDS object. 

     if (pathToAD.Length > 0) 
      directoryEntry = new DirectoryEntry("LDAP://" + adServer + "/CN=Users," + dcAdDomain, adUsername, password); 
     else 
      directoryEntry = new DirectoryEntry(); 

     DirectorySearcher ds = new DirectorySearcher(directoryEntry); 
     ds.SearchScope = SearchScope.Subtree; 
     ds.Filter = "(&(objectClass=group))"; 

     objSearchResults = ds.FindAll(); 

And then this:

if (objSearchResults.Count != 0) 
{ 
    foreach (SearchResult objResult in objSearchResults) 
    { 
     objGroupEntry = objResult.GetDirectoryEntry(); 
     result.ActiveDirectoryTree.Add(new ActiveDirectoryItem() 
     { Id = objGroupEntry.Guid, 
      ParentId = objGroupEntry.Parent.Guid, 
      AccountName = objGroupEntry.Name, 
      Type = ActiveDirectoryType.Group, 
      PickableNode = false 
     }); 

     foreach (object child in objGroupEntry.Properties["member"]) 
     { 
      treeNode = new ActiveDirectoryItem(); 
      var path = child.ToString().Replace; 
      using (var memberEntry = new DirectoryEntry(path)) 
      { 

       if (memberEntry.Username != null && memberEntry.SchemaEntry.Name.CompareTo("group") != 0 
        && memberEntry.Properties.Contains("sAMAccountName") && memberEntry.Properties.Contains("objectSid")) 
       { 
        treeNode.Id = Guid.NewGuid(); 
        treeNode.ParentId = objGroupEntry.Guid; 
        treeNode.AccountName = memberEntry.Properties["sAMAccountName"][0].ToString(); 
        treeNode.Type = ActiveDirectoryType.User; 
        treeNode.PickableNode = true; 
        treeNode.FullName = memberEntry.Properties["Name"][0].ToString(); 

        byte[] sidBytes = (byte[])memberEntry.Properties["objectSid"][0]; 
        treeNode.ObjectSid = new System.Security.Principal.SecurityIdentifier(sidBytes, 0).ToString(); 

        result.ActiveDirectoryTree.Add(treeNode); 
       } 
      } 
     } 
    } 
} 

The child.ToString() looks like this:

CN=S-1-5-18,CN=ForeignSecurityPrincipals,DC=MyDomain,DC=local 

The problem is that memberEntry gets exceptions on a lot of its properties. Why?

The exception looks like this:

'memberEntry.Name' threw an exception of type 'System.Runtime.InteropServices.COMException' string {System.Runtime.InteropServices.COMException} - Unspecified error -2147467259

Stack trace:
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_Name()

+0

'catch (Exception e) { throw e; }' - kind of pointless, you'll be throwing away the entire call stack. Use 'throw;' or remove the whole try\catch block. –

+0

Yes, you are correct, I haven't cleaned up the code yet. Thanks – Banshee

+0

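Since you haven't mentioned the exact exception you're getting, we can only guess here, but maybe the 'Name' property isn't defined on all the objects? You're getting it unconditionally, so that would be the problem. – Maverik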

Answers

2

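After a lot of useful querying in a chat with the OP, we determined that the problem lies with the path variable used in DirectoryEntry and with the explicit authentication that is required in the OP's environment.

The relevant change is from:

using (var memberEntry = new DirectoryEntry(path)) 

to:

using (var memberEntry = new DirectoryEntry("LDAP://" + adServer + "/" + path, adUsername, password)) 

Details: Full transcript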
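
The fix in the answer above, written out as an added example (not code from the question, the answer, or the chat transcript): it binds each member DN against an explicit server with explicit credentials, forces the bind so a failure shows up in one place, and logs the HRESULT in hex (the -2147467259 in the question is 0x80004005). The names MemberBinder, ToAdsPath, IsForeignSecurityPrincipal and TryBind are hypothetical, and the server name in Main is constructed.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

static class MemberBinder   // hypothetical helper, not part of the original post
{
    // Builds "LDAP://server/DN". A '/' inside the DN has to be escaped for ADSI,
    // otherwise it is parsed as a path separator.
    public static string ToAdsPath(string server, string memberDn)
    {
        if (string.IsNullOrWhiteSpace(server)) throw new ArgumentException("server is required");
        if (string.IsNullOrWhiteSpace(memberDn)) throw new ArgumentException("memberDn is required");
        return "LDAP://" + server + "/" + memberDn.Replace("/", "\\/");
    }

    // True for members such as CN=S-1-5-18,CN=ForeignSecurityPrincipals,DC=MyDomain,DC=local,
    // where the CN is a SID string rather than an account name.
    public static bool IsForeignSecurityPrincipal(string memberDn)
    {
        return memberDn.IndexOf(",CN=ForeignSecurityPrincipals,", StringComparison.OrdinalIgnoreCase) >= 0;
    }

    // Returns a bound entry (caller disposes it), or null when the bind fails.
    public static DirectoryEntry TryBind(string server, string memberDn, string user, string password)
    {
        var entry = new DirectoryEntry(ToAdsPath(server, memberDn), user, password, AuthenticationTypes.Secure);
        try
        {
            entry.RefreshCache();   // forces the bind now instead of on first property access
            return entry;
        }
        catch (COMException ex)     // DirectoryServicesCOMException derives from COMException
        {
            Console.Error.WriteLine("Bind failed for {0}: 0x{1:X8} {2}", memberDn, ex.ErrorCode, ex.Message);
            entry.Dispose();
            return null;
        }
    }

    static void Main()
    {
        // Constructed sample: the member DN shown in the question and a made-up server name.
        string dn = "CN=S-1-5-18,CN=ForeignSecurityPrincipals,DC=MyDomain,DC=local";
        Console.WriteLine(ToAdsPath("dc01.mydomain.local", dn));
        Console.WriteLine(IsForeignSecurityPrincipal(dn));   // True
    }
}
```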
