I haven't worked with an LDAP before so I am a bit lost. I need to connect to an LDAP source find a specific attribute and change it. The input for the program is a CSV file with a list of users. The program is supposed to read the UID from the CSV file find the record in the LDAP and replace a certain attribute. I haven't a clue how to do this. Could any one point me in the right direction please?
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
First Element of response, using ADSI (old fashion)
How to do Almost everything (with ADSI) on Active Directory with C#
Second Element of response, begining .NET 3.5 Microsoft introduce 'Principal' and 'AccountManagement'.
How to do Almost everything (with AccountManagement) on Active Directory with C#
Third Element of response, you can use low level (native LDAP) protocol with System.DirectoryServices.Protocols (S.DS.P).
Remark : If you are interested in how to interrogate active directory from native code, you may have a look to LDAP C-Binding API as discribed in RFC 1823 specifies, Microsoft support it, see MS Strategy for Lightweight Directory Access Protocol (LDAP). You'll find the using and reference manuals of the Microsoft API in Lightweight Directory Access Protocol.
回答2:
@KenL Almost got me there. I also had to set the AuthenticationType of the DirectoryEntry to get it to work. Also, pay attention to how you are using wildcards (Kleene Stars).
DirectoryEntry rootEntry = new DirectoryEntry("LDAP://some.ldap.server.com");
rootEntry.AuthenticationType = AuthenticationTypes.None; //Or whatever it need be
DirectorySearcher searcher = new DirectorySearcher(rootEntry);
var queryFormat = "(&(objectClass=user)(objectCategory=person)(|(SAMAccountName=*{0}*)(cn=*{0}*)(gn=*{0}*)(sn=*{0}*)(email=*{0}*)))";
searcher.Filter = string.Format(queryFormat, searchString);
foreach(SearchResult result in searcher.FindAll())
{
Console.WriteLine("account name: {0}", result.Properties["samaccountname"].Count > 0 ? result.Properties["samaccountname"][0] : string.Empty);
Console.WriteLine("common name: {0}", result.Properties["cn"].Count > 0 ? result.Properties["cn"][0] : string.Empty);
}
回答3:
code wise it is a lot simpler than you think. You need to create a connection to the directory, set up a searcher, then search by property name.
DirectoryEntry entry = new DirectoryEntry("LDAP://MyDomain.com");
DirectorySearcher dSearch = new DirectorySearcher(entry);
dSearch.Filter = "(&(objectCategory=person)(objectClass=user)(" + SType + "=" + Name + "))";
SType is the name type, and Name is the actual user name
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 叼着烟拽天下 的文章《Querying an LDAP》','https://www.manongdao.com/article-74354.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}