0
我有以下代码:从Active Directory获取所有用户?
DirectoryEntry directoryEntry = default(DirectoryEntry);
// Binding object.
DirectoryEntry objGroupEntry = default(DirectoryEntry);
// Group Results.
DirectorySearcher objSearchADAM = default(DirectorySearcher);
// Search object.
SearchResultCollection objSearchResults = default(SearchResultCollection);
// Binding path.
ActiveDirectory result = new ActiveDirectory();
ActiveDirectoryItem treeNode;
string adServer = ADTestProject.Properties.Settings.Default.Server;
string adDomain = ADTestProject.Properties.Settings.Default.Domain;
string adUsername = ADTestProject.Properties.Settings.Default.AdiminUsername;
string password = ADTestProject.Properties.Settings.Default.Password;
string[] dc = adDomain.Split('.');
string dcAdDomain = string.Empty;
foreach (string item in dc)
{
if (dc[dc.Length - 1].Equals(item))
dcAdDomain = dcAdDomain + "DC=" + item;
else
dcAdDomain = dcAdDomain + "DC=" + item + ",";
}
// Get the AD LDS object.
if (pathToAD.Length > 0)
directoryEntry = new DirectoryEntry("LDAP://" + adServer + "/CN=Users," + dcAdDomain, adUsername, password);
else
directoryEntry = new DirectoryEntry();
DirectorySearcher ds = new DirectorySearcher(directoryEntry);
ds.SearchScope = SearchScope.Subtree;
ds.Filter = "(&(objectClass=group))";
objSearchResults = ds.FindAll();
然后将此:
if (objSearchResults.Count != 0)
{
foreach (SearchResult objResult in objSearchResults)
{
objGroupEntry = objResult.GetDirectoryEntry();
result.ActiveDirectoryTree.Add(new ActiveDirectoryItem()
{ Id = objGroupEntry.Guid,
ParentId = objGroupEntry.Parent.Guid,
AccountName = objGroupEntry.Name,
Type = ActiveDirectoryType.Group,
PickableNode = false
});
foreach (object child in objGroupEntry.Properties["member"])
{
treeNode = new ActiveDirectoryItem();
var path = child.ToString().Replace;
using (var memberEntry = new DirectoryEntry(path))
{
if (memberEntry.Username != null && memberEntry.SchemaEntry.Name.CompareTo("group") != 0
&& memberEntry.Properties.Contains("sAMAccountName") && memberEntry.Properties.Contains("objectSid"))
{
treeNode.Id = Guid.NewGuid();
treeNode.ParentId = objGroupEntry.Guid;
treeNode.AccountName = memberEntry.Properties["sAMAccountName"][0].ToString();
treeNode.Type = ActiveDirectoryType.User;
treeNode.PickableNode = true;
treeNode.FullName = memberEntry.Properties["Name"][0].ToString();
byte[] sidBytes = (byte[])memberEntry.Properties["objectSid"][0];
treeNode.ObjectSid = new System.Security.Principal.SecurityIdentifier(sidBytes, 0).ToString();
result.ActiveDirectoryTree.Add(treeNode);
}
}
}
}
}
的Child.ToString看起来是这样的:
CN=S-1-5-18,CN=ForeignSecurityPrincipals,DC=MyDomain,DC=local
的问题是,memberEntry得到了很多属性的例外情况?为什么?
例外情况是这样的:
'memberEntry.Name' 扔 'System.Runtime.InteropServices.COMException' 类型字符串 {System.Runtime.InteropServices.COMException}的一个异常 - 未指定的错误 -2147467259
堆栈跟踪:在在 System.DirectoryServ System.DirectoryServices.DirectoryEntry.Bind(布尔throwIfFail)
在System.DirectoryServices.DirectoryEntry.Bind() ices.DirectoryEntry.get_Name()
'赶上(例外五){抛出È; } - 有点没有意义,你会放弃整个调用堆栈。使用'throw;'或者删除整个try \ catch块。 –
是的,你是正确的,天堂清理代码呢。谢谢 – Banshee
既然你没有提到你得到的确切异常,我们只能在这里猜测,但也许'名称'属性没有定义在所有的对象?你无条件地得到它,那会是问题。 – Maverik