开发者

Active Directory C# using ManagedBy attribute

开发者 https://www.devze.com 2023-03-26 10:53 出处:网络
We have several call centers each with has its own group in the Active Directory that contains all the agents working at that call center. There it is possible for the call center to have multiple sup

We have several call centers each with has its own group in the Active Directory that contains all the agents working at that call center. There it is possible for the call center to have multiple supervisors so I got someone at our helpdesk to setup the active directory like this:

Atlanta Call Center

  • Agent1
  • Agent2
  • Agent3

Then:

Atlanta Call Center - Supervisors

  • Supervisor1
  • Supervisor2

And the Call Center Group's managedBy attribute is set to the supervisor's group.

Currently I have to query it using the full distinguishedname of the supervisors group.

I would like to just run a query on the supervisor logged in to get the group name managedBy that supervisor. Any suggestions on a better approach. I've actually got the network admin looking into the issue now. I think he know开发者_如何学运维s what to do but I already typed this out so I'll see what you guys say.

This is what our network admin just said on the issue.

Using a property of a OU in the AD is not a good practice for handling issue such as this. The issue should be handled via groups and users only. OUs should be used for logical organization of objects for management purposes.

Label1.Text = getCallCenterGroup("CN=******Supervisors,OU=Groups,OU=*******,OU=Locations,DC=******,DC=local");

protected string getCallCenterGroup(string user)
{
        DirectoryEntry searchRoot = new DirectoryEntry("LDAP://******");
        DirectorySearcher search = new DirectorySearcher(searchRoot);

        search.Filter = "(managedBy=" + user + ")";
        search.PropertiesToLoad.Add("managedBy");
        search.PropertiesToLoad.Add("distinguishedName");
        search.PropertiesToLoad.Add("cn");

        SearchResultCollection groups = search.FindAll();

        foreach (SearchResult sr in groups)
        {
            return sr.Properties["cn"][0].ToString();
        }

        return null;
    }


managedBy is a linked attribute so the only syntax you can query it with is the DN of the object you want to match on. I'm not sure if that was the question or if I'm misunderstanding, though.

On a seperate thread, I don't really agree with your network admin about not extending OUs, but, that's a seperate discussion.

0

精彩评论

暂无评论...
验证码 换一张
取 消