我正在尝试查询LDAP服务器以查找LDAP用户并将其导入我的系统。但是,当我尝试执行此操作时,请求会引发DirectoryOperationException,说The object does not exist。
ldapConnection.AuthType = AuthType.Negotiate;
if (ldapDomain.UseEncryption)
{
ldapConnection.SessionOptions.SecureSocketLayer = true;
ldapConnection.SessionOptions.StartTransportLayerSecurity(null);
}
var credentials = new NetworkCredential(loginName, password, ldapDomain.Name);
ldapConnection.Bind(credentials);
var filter = String.Format("(&(objectCategory=person)(objectClass=user)(anr={0})(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))", loginName);
var request = new SearchRequest(containerDistinguishedName, filter, SearchScope.Subtree);
var response = ldapConnection.SendRequest(request) as SearchResponse;
var entry = response.Entries[0];
我只需要对抗Microsoft / Windows LDAP服务器。目前,containerDistinguishedName为空,但可以填入值以进一步限制搜索过滤器。
答案 0 :(得分:2)
从外观来看,空containerDistinguishedName指的是根DSE,但subtree范围的搜索应该仍然有效,假设连接的授权状态允许拖网DIT(Root DSE)仅在搜索结果为base时才会在搜索结果中返回。尝试使用“{1}}的”最高“DIT的基础对象,类似containerDistinguishedName。