
IQueryable to non-AD LDAP

Developer https://www.devze.com 2023-02-18 16:37 Source: web
Our institution has a large LDAP system which we access over LDAPS on port 636. I'm attempting to create an IQueryable interface to this LDAP which maps onto existing People entities but am having trouble.

I mention the above so folks know my end goal but I'd be satisfied today if someone could help me simply run a successful query against this non-AD LDAP, even if it's outside of the IQueryable realm. Here's what I have so far (I've edited the password, uid and ou for security):

        var url = @"ldaps://ldap.ucdavis.edu:636/uid=s1,ou=s2,dc=ucdavis,dc=edu";
        var password = @"something";

        DirectoryEntry entry = new DirectoryEntry(url);
        entry.Password = password;
        entry.AuthenticationType = AuthenticationTypes.Secure;

        DirectorySearcher mySearcher = new DirectorySearcher(entry);

        SearchResultCollection results;

        results = mySearcher.FindAll();

        foreach(SearchResult resEnt in results) {
            ResultPropertyCollection propcoll = resEnt.Properties;

            foreach (string key in propcoll.PropertyNames)
            {
                foreach (object values in propcoll[key])
                {
                    switch (key)
                    {
                        case "sn":
                            //sb.Append(key.ToString() + "<surname>"
                            //+ values.ToString() + "</surname>");
                            break;
                        case "cn":
                            //sb.Append(key.ToString() + "<cn>"
                            //+ values.ToString() + "</cn>");
                            break;
                        case "name":
                            //sb.Append(key.ToString() + "<name>"
                            //+ values.ToString() + "</name>");
                            break;
                    }
                }
            }
        }

But I keep getting an "unknown error" on the line mySearcher.FindAll(). Anybody see an obvious problem here? Am I specifying the ou and uid correctly?


>see an obvious problem here?

Where's the search query itself?

DirectorySearcher(entry);

It initializes the searcher given your base path.

Try setting the "filter" property to a valid LDAP search string, such as "(objectClass=inetOrgPerson)".

Also, try setting the SearchScope to OneLevel.

Anyway, I don't really think that will help.

AFAIK DirectorySearcher is merely a wrapper over the ADSI. What you should use instead is the classes from System.DirectoryServices.Protocols namespace, see this article: http://msdn.microsoft.com/en-us/library/bb332056.aspx


I wonder if the LDAP DN is correct? AD used dc=acme, dc=com, but other LDAP servers might use ou=ucdavis, o=edu perhaps.
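
The System.DirectoryServices.Protocols approach recommended in the first answer, as an added example that is not part of the original thread: a simple bind over LDAPS with the full DN, followed by a filtered search whose user-supplied value is escaped per RFC 4515. The base DN, the `LDAP_BIND_PASSWORD` environment variable, the sample surname and the class and helper names are assumptions; the host, port and bind DN are the placeholders from the question.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text;

static class LdapPeopleSearch // hypothetical class name
{
    // RFC 4515 escaping, so a caller-supplied value cannot change the filter's structure.
    static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        return sb.ToString();
    }

    static void Main(string[] args)
    {
        var bindDn = "uid=s1,ou=s2,dc=ucdavis,dc=edu";   // placeholder DN from the question
        var baseDn = "dc=ucdavis,dc=edu";                // assumption: the real search base may differ
        var password = Environment.GetEnvironmentVariable("LDAP_BIND_PASSWORD"); // hypothetical variable
        // A simple bind with an empty password is an unauthenticated bind on many servers.
        if (string.IsNullOrEmpty(password)) throw new InvalidOperationException("bind password not set");
        var surname = args.Length > 0 ? args[0] : "Smith"; // constructed sample input

        var server = new LdapDirectoryIdentifier("ldap.ucdavis.edu", 636);
        using (var conn = new LdapConnection(server, new NetworkCredential(bindDn, password), AuthType.Basic))
        {
            conn.SessionOptions.ProtocolVersion = 3;
            conn.SessionOptions.SecureSocketLayer = true; // LDAPS; keep the default certificate checks
            conn.Bind();                                  // simple bind, not Windows-integrated auth
            var filter = "(&(objectClass=inetOrgPerson)(sn=" + EscapeFilterValue(surname) + "))";
            var request = new SearchRequest(baseDn, filter, SearchScope.Subtree, "cn", "sn");
            var response = (SearchResponse)conn.SendRequest(request);
            foreach (SearchResultEntry entry in response.Entries)
                foreach (string name in entry.Attributes.AttributeNames)
                    foreach (string v in entry.Attributes[name].GetValues(typeof(string)))
                        Console.WriteLine("{0}: {1}={2}", entry.DistinguishedName, name, v);
        }
    }
}
```

An IQueryable provider that translates predicates into LDAP filters would route every constant it embeds through the same escaping step.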
