4

我正在尝试使用 LDAP 查询来返回过去 24 小时内创建的所有计算机对象。我的代码目前如下所示:

//Declare new DirectoryEntry and DirectorySearcher
DirectoryEntry domainRoot = new DirectoryEntry("LDAP://rootDSE");
string rootOfDomain = domainRoot.Properties["rootDomainNamingContext"].Value.ToString();
DirectorySearcher dsSearch = new DirectorySearcher(rootOfDomain);

//Set the properties of the DirectorySearcher
dsSearch.Filter = "(&(objectClass=Computer)(whenCreated>" + dateFilter.ToString() + "))";
dsSearch.PageSize = 2000;
dsSearch.PropertiesToLoad.Add("distinguishedName");
dsSearch.PropertiesToLoad.Add("whenCreated");
dsSearch.PropertiesToLoad.Add("description");
dsSearch.PropertiesToLoad.Add("operatingSystem");
dsSearch.PropertiesToLoad.Add("name");

//Execute the search
SearchResultCollection computersFound = dsSearch.FindAll();

此代码不返回任何对象,并且我确定在过去 24 小时内创建了帐户。

编辑:我用以下代码解决了这个问题:

GetCompList(DateTime.Now.AddDays(-1)); //This sets the filter to one day previous

//Declare new DirectoryEntry and DirectorySearcher
DirectoryEntry domainRoot = new DirectoryEntry("LDAP://rootDSE");
string rootOfDomain = domainRoot.Properties["rootDomainNamingContext"].Value.ToString();
DirectorySearcher dsSearch = new DirectorySearcher(rootOfDomain);

//Set the properties of the DirectorySearcher
dsSearch.Filter = "(&(objectClass=Computer)(whenCreated>=" + dateFilter.ToString("yyyyMMddHHmmss.sZ") + "))";
dsSearch.PageSize = 2000;
dsSearch.PropertiesToLoad.Add("distinguishedName");
dsSearch.PropertiesToLoad.Add("whenCreated");
dsSearch.PropertiesToLoad.Add("description");
dsSearch.PropertiesToLoad.Add("operatingSystem");
dsSearch.PropertiesToLoad.Add("name");


//Execute the search
SearchResultCollection computersFound = dsSearch.FindAll();

秘密是这条线:

dsSearch.Filter = "(&(objectClass=Computer)(whenCreated>=" + dateFilter.ToString("yyyyMMddHHmmss.sZ") + "))";
4

1 回答 1

2

事实证明,答案在于 whenCreated 过滤器的格式。根据This blogpost ,whenCreated 的过滤器必须格式化为“yyyyMMddHHmmss.sZ”,其中 Z 是与 UTC 的偏移量。我所做的是创建了一个名为 

private void GetCompList(DateTime dateFilter) //This overloaded version of GetCompList takes a parameter of type DateTime, and only returns computers that were built after dateFilter
    {
        try
        {
            //Convert the dateFilter to a format appropriate for an LDAP query
            int offset = -8;
            //string strDateFilter = convertToCrazyFormat(dateFilter, offset);

            //string strDateFilter = dateFilter.ToString("yyyyMMddhhmmss");

            //Declare new DirectoryEntry and DirectorySearcher
            DirectoryEntry domainRoot = new DirectoryEntry("LDAP://rootDSE");
            string rootOfDomain = domainRoot.Properties["rootDomainNamingContext"].Value.ToString();
            DirectorySearcher dsSearch = new DirectorySearcher(rootOfDomain);

            //Set the properties of the DirectorySearcher
            dsSearch.Filter = "(&(objectClass=Computer)(whenCreated>=" + dateFilter.ToString("yyyyMMddHHmmss.s" + offset.ToString()) + "))";
            dsSearch.PageSize = 2000;
            dsSearch.PropertiesToLoad.Add("distinguishedName");
            dsSearch.PropertiesToLoad.Add("whenCreated");
            dsSearch.PropertiesToLoad.Add("description");
            dsSearch.PropertiesToLoad.Add("operatingSystem");
            dsSearch.PropertiesToLoad.Add("name");

然后我调用这样的方法:

GetCompList(DateTime.Now.AddDays(-1));//Pass in a negative value that represents the time period you want objects from, in this case the last day
于 2012-05-03T14:35:10.350 回答