我正在用c ++编写一个基本的ldap查询,需要返回我们的服务器/工作站。我从微软网站上找到了这个例子,并将其改变了一点以适应我的需要。 https://msdn.microsoft.com/en-us/library/aa367016(v=vs.85).aspx
我能够绑定到我们的服务器并运行没有问题的查询并将其转储到日志文件中,但我无法返回超过4000个对象。我们的域名非常大,有子域名,我们需要查询超过4000.我能够使用powershell对同一个域控制器运行查询,并返回所有对象。我正在运行以进行测试的查询是:"(objectCategory = computer)"我想将它保存在c ++中,因为我将它与现有的程序集成。
根据:https://msdn.microsoft.com/en-us/library/aa366971(v=vs.85).aspx 我应该能够将sizelimit设置为0并且应该返回所有条目(除非我对条目的含义的理解是错误的)。但是,从ldap_search_s()更改为ldap_search_ext_s并为LDAP_NO_LIMIT或0设置标志对返回的条目数没有影响。截至目前,我一直在努力弄清楚为什么我不能用我所拥有的东西归还所有条目。
这是我获得的代码。
`//New Class//
Search *s = new Search;
ULONG numReturned = 0; //No Limit
char *LdapServer = "Domain.com";
//Init ssl//
LDAP *ldap = ldap_sslinitA(LdapServer, LDAP_SSL_PORT, 1);
unsigned long version = LDAP_VERSION3;
ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, (void*)&version);
ldap_set_option(ldap, LDAP_OPT_SIZELIMIT, (void*)&numReturned);
//Define what attributes to return//
PCHAR pMyAttributes[2];
pMyAttributes[0] = "distinguishedName";
pMyAttributes[1] = NULL;
//Message return handle//
LDAPMessage *pMsg = NULL;
unsigned long connectSuccess = ldap_connect(ldap, NULL);
if (connectSuccess == LDAP_SUCCESS) {
std::cout << "Connection to ldap successful\n";
ldap_simple_bind(ldap, s->user, s->pw);
std::string beginSearch = "";
std::cout << "Enter your custom query:\n";
std::getline(std::cin, beginSearch);
ldap_search_ext_s(ldap, "dc=Domain,dc=com", LDAP_SCOPE_SUBTREE,
(PSTR)beginSearch.c_str(), pMyAttributes, NULL, NULL, NULL,NULL,
LDAP_NO_LIMIT, &pMsg);
ULONG numberOfEntries;
numberOfEntries = ldap_count_entries(ldap, pMsg);
if (numberOfEntries == NULL) {
std::cout << "Ldap entries returned fail with 0x" <<
connectSuccess << "\n";
}
else {
std::cout << "Entries returned: " << numberOfEntries;
LDAPMessage *pEntry = NULL;
PCHAR pEntryDN = NULL;
ULONG iCnt = 0;
char* sMsg;
BerElement *pBer = NULL;
PCHAR pAttribute = NULL;
PCHAR *ppValue = NULL;
ULONG iValue = 0;
//Loop through the entries//
for (iCnt = 0; iCnt < numberOfEntries; iCnt++) {
//Get the first/next entry//
if (!iCnt)
pEntry = ldap_first_entry(ldap, pMsg);
else
pEntry = ldap_next_entry(ldap, pEntry);
//Output status message//
sMsg = (!iCnt ? "ldap_first_entry" : "ldap_next_entry");
if (pEntry == NULL) {
std::cout << "failed with 0x" << sMsg <<
LdapGetLastError();
ldap_unbind_s(ldap);
ldap_msgfree(pMsg);
return -1;
}
else
std::cout << "Succeeded\n" << sMsg;
std::cout << "Entry Number: " << iCnt;
pAttribute = ldap_first_attribute(ldap, pEntry, &pBer);
//Session Handle, Current Entry, [out] Current BerElement
//Begin outputting the attribute names for the current object and ouput
values//
while (pAttribute != NULL) {
std::cout << "ATTR: " << pAttribute;
Log(pAttribute);
//get string values
ppValue = ldap_get_values(ldap, pEntry, pAttribute);
//Session handle, current entry, current attribute
if (ppValue == NULL)
std::cout << "\nNo Attribute value returned!\n";
else {
iValue = ldap_count_values(ppValue);
if (!iValue)
std::cout << "BAD VALUE LIST!\n";
else {
//Output the first attribute//
std::cout << ": " << *ppValue;
Log(*ppValue);
//If there are more, continuing outputting//
ULONG z;
for (z = 1; z < iValue; z++) {
std::cout << ", " << ppValue[z];
Log(ppValue[z]);
}
}
}
if (ppValue != NULL)
ldap_value_free(ppValue);
ppValue = NULL;
ldap_memfree(pAttribute);
pAttribute = ldap_next_attribute(ldap, pEntry, pBer);
std::cout << "\n";
}
if (pBer != NULL)
ber_free(pBer, 0);
pBer = NULL;
}
ldap_unbind(ldap);
ldap_msgfree(pMsg);
ldap_value_free(ppValue);
}
}
}
`
我感谢任何帮助或指示。对不起,如果我的代码难以阅读。
答案 0 :(得分:1)
您请求的AD可能也在服务器上设置了sizelimit。
您正在配置的是客户端,但不能覆盖服务器端。
如果您的管理员不想更改服务器sizelimit,则必须使用paged results
控件请求
我不知道如何用C ++实现这个