I have three or more domains like main.com, sub.main.com, sub2.main.com and etc
I have a code:
using (PrincipalContext ctx =
new PrincipalContext(ContextType.Domain, "ADServer",
"dc=main,dc=com", ContextOptions.Negotiate))
{
UserPrincipal u = new UserPrincipal(ctx);
u.UserPrincipalName = "*" + mask + "*";
using (PrincipalSearcher ps = new PrincipalSearcher(u))
{
PrincipalSearchResult<Principal> results = ps.FindAll();
List<ADUser> lst = new List<ADUser>();
foreach (var item in results.Cast<UserPrincipal>().Take(15))
{
byte[] sid = new byte[item.Sid.BinaryLength];
item.Sid.GetBinaryForm(sid, 0);
ADUser us = new ADUser()
{
Sid = sid,
Account = item.SamAccountName,
FullName = item.DisplayName
};
lst.Add(us);
}
}
return lst;
}
But it searches within only one domain: main.com.
How can I search records in all domains at one time?
Here is a way to find all your domains from the root one :
/* Retreiving RootDSE
*/
string ldapBase = "LDAP://DC_DNS_NAME:389/";
string sFromWhere = ldapBase + "rootDSE";
DirectoryEntry root = new DirectoryEntry(sFromWhere, "AdminLogin", "PWD");
string configurationNamingContext = root.Properties["configurationNamingContext"][0].ToString();
/* Retreiving the root of all the domains
*/
sFromWhere = ldapBase + configurationNamingContext;
DirectoryEntry deBase = new DirectoryEntry(sFromWhere, "AdminLogin", "PWD");
DirectorySearcher dsLookForDomain = new DirectorySearcher(deBase);
dsLookForDomain.Filter = "(&(objectClass=crossRef)(nETBIOSName=*))";
dsLookForDomain.SearchScope = SearchScope.Subtree;
dsLookForDomain.PropertiesToLoad.Add("nCName");
dsLookForDomain.PropertiesToLoad.Add("dnsRoot");
SearchResultCollection srcDomains = dsLookForDomain.FindAll();
foreach (SearchResult aSRDomain in srcDomains)
{
}
Then foreach domain, you can look for what you need.
You should use GC instead of LDAP. It searches along whole Domain Forest
var path="GC://DC=main,DC=com";
try {
using (var root = new DirectoryEntry(path, username, password)) {
var searchFilter=string.Format("(&(anr={0})(objectCategory=user)(objectClass=user))", mask);
using (var searcher = new DirectorySearcher(root, searchFilter, new[] { "objectSid", "userPrincipalName" })) {
var results = searcher.FindAll();
foreach(SearchResult item in results){
//What ever you do
}
} catch (DirectoryServicesCOMException) {
// username or password are wrong
}
To actually use System.DirectoryServices.AccountManagement to do the search, specify the domain as such:
new PrincipalContext(ContextType.Domain, "xyz.mycorp.com:3268", "DC=mycorp,DC=com");
From
When do I need a Domain Name and a Domain Container to create a PrincipalContext?
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 再贱就再见 的文章《How to search in multiple domains using System.Dir》','https://www.manongdao.com/article-584232.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}