32

是否可以System.DirectoryServices.AccountManagement.PrincipalSearcher使用“或”(不是“和”)基于多个参数进行搜索。

IE

// This uses an and
//(&(objectCategory=person)(!UserAccountControl:1.2.840.113556.1.4.803:=2)(&(SAMAccountName=tom*)(DisplayName=tom*)))
var searchPrinciple = new UserPrincipal(context);
searchPrinciple.DisplayName =  "tom*";
searchPrinciple.SamAccountName = "tom*";

var searcher = new PrincipalSearcher();
searcher.QueryFilter = searchPrinciple;

var results = searcher.FindAll();

PrincipalSearcher我想使用(not DirectorySearcher)进行类似的搜索(在 LDAP 中)

// (&(objectCategory=person)(!UserAccountControl:1.2.840.113556.1.4.803:=2)(|(SAMAccountName=tom*)(DisplayName=tom*)))
4

5 回答 5

24

这显然是不可能的,这里有一个解决方法:

List<UserPrincipal> searchPrinciples = new List<UserPrincipal>();
searchPrinciples.Add(new UserPrincipal(context) { DisplayName="tom*"});
searchPrinciples.Add(new UserPrincipal(context) { SamAccountName = "tom*" });
searchPrinciples.Add(new UserPrincipal(context) { MiddleName = "tom*" });
searchPrinciples.Add(new UserPrincipal(context) { GivenName = "tom*" });

List<Principal> results = new List<Principal>();
var searcher = new PrincipalSearcher();
foreach (var item in searchPrinciples)
{
    searcher = new PrincipalSearcher(item);
    results.AddRange(searcher.FindAll());
}
于 2013-12-18T10:30:42.537 回答
8

不一定像其他一些答案那样干净,但这是我在我正在从事的项目中实现这一点的方式。我希望两个搜索都异步运行,以尝试减少由于运行两个 AD 查询而导致的任何减速。

public async static Task<List<ADUserEntity>> FindUsers(String searchString)
{
    searchString = String.Format("*{0}*", searchString);
    List<ADUserEntity> users = new List<ADUserEntity>();

    using (UserPrincipal searchMaskDisplayname = new UserPrincipal(domainContext) { DisplayName = searchString })
    using (UserPrincipal searchMaskUsername = new UserPrincipal(domainContext) { SamAccountName = searchString })
    using (PrincipalSearcher searcherDisplayname = new PrincipalSearcher(searchMaskDisplayname))
    using (PrincipalSearcher searcherUsername = new PrincipalSearcher(searchMaskUsername))
    using (Task<PrincipalSearchResult<Principal>> taskDisplayname = Task.Run<PrincipalSearchResult<Principal>>(() => searcherDisplayname.FindAll()))
    using (Task<PrincipalSearchResult<Principal>> taskUsername = Task.Run<PrincipalSearchResult<Principal>>(() => searcherUsername.FindAll()))
    {
        foreach (UserPrincipal userPrincipal in (await taskDisplayname).Union(await taskUsername))
            using (userPrincipal)
            {
                users.Add(new ADUserEntity(userPrincipal));
            }
    }

    return users.Distinct().ToList();
}

我的 ADUserEntity 类具有基于 SID 的相等性检查。我试图将Distinct()on 添加到Union()两个搜索结果中,但没有奏效。

我欢迎对我的回答提出任何建设性的批评,因为我想知道是否有任何方法可以改进它。

于 2014-07-22T17:05:01.567 回答
3

我知道这有点晚了,但这是我在搜索 AD 时使用的结构:

public static Task<IEnumerable<SomeUserModelClass>> GetUsers(//Whatever filters you want)
{
    return Task.Run(() =>
    {
        PrincipalContext context = new PrincipalContext(ContextType.Domain);
        UserPrincipal principal = new UserPrincipal(context);
        principal.Enabled = true;
        PrincipalSearcher searcher = new PrincipalSearcher(principal);

        var users = searcher.FindAll().Cast<UserPrincipal>()
            .Where(x => x.SomeProperty... // Perform queries)
            .Select(x => new SomeUserModelClass
            {
                userName = x.SamAccountName,
                email = x.UserPrincipalName,
                guid = x.Guid.Value
            }).OrderBy(x => x.userName).AsEnumerable();

        return users;
    });
}
于 2016-06-09T11:54:22.440 回答
-3

FindAll 方法在主体上下文中指定的域中搜索与查询过滤器上设置的属性相同的对象。FindAll 方法返回与提供的对象匹配的所有对象,而 FindOne 方法仅返回一个匹配的主体对象。 http://msdn.microsoft.com/en-us/library/bb384378(v=vs.90).aspx

我不知道您需要什么,但您可以按 1 个属性和 1 个其他属性进行搜索,然后在列表中使用 LINQ 进行合并、过滤等...

于 2012-05-15T18:12:49.003 回答
-5 
PrincipalContext pContext = new PrincipalContext(ContextType.Machine, Environment.MachineName);
GroupPrincipal gp = GroupPrincipal.FindByIdentity(pContext, "Administrators");
bool isMember = UserPrincipal.Current.IsMemberOf(gp);
于 2015-08-26T12:47:40.153 回答