Searching user by id by exact match in LDAP (SharePoint 2010 people picker)

I am trying to search a user in the LDAP and resolve his name in SharePoint PeoplePicker User types user's idsid in the PeoplePicker and then hit CheckName The code calls SearchSingleUser() with the typed userid.

Example: I type 'xyz' and hit Check开发者_运维百科Name The method below would then search LDAP for users with SamAccountName='xyz' for exact match. If match found then it should resolve the idsid in peoplepicker

If the LDAP has Domain\xyz but user types xyz, it won't match and won't resolve

But what I am seeing is that the name gets half resolved.

Any clue what I am missing as far as searching for exact match of a property?

This is my code:

public static string _LDAPSearchDefSingleUser = "(&(objectClass=user)(SamAccountName={0}))";

public static SearchResultCollection SearchSingleUser(string searchPattern)
{
    using (DirectoryEntry root = new DirectoryEntry(ldapPath, username, password))
    {                
        root.AuthenticationType = AuthenticationTypes.None;
        string filter = string.Format(_LDAPSearchDefSingleUser, searchPattern);

        using (DirectorySearcher searcher = new DirectorySearcher(root))
        {                    
            searcher.ReferralChasing = ReferralChasingOption.All;
            searcher.SearchScope = SearchScope.Subtree;
            searcher.Filter = filter;
            searcher.PropertiesToLoad.Add("objectclass");
            searcher.PropertiesToLoad.Add("SamAccountName");
            SearchResultCollection results = searcher.FindAll();

            return results;
        }
    }
}

Not sure to understantd your question, but I confirm that the following filter :

(&(objectClass=user)(SamAccountName=xyz))

in an LDAP search returns only THE object of class user with the attribute SamAccountName exactly equal to 'xyz'.

In your case, if you've got multiple match, it's because you enter '*xyz' or '*xyz*'.

For your information I use quite the same code and it works so.

With such an filter in the DirectorySearcher like: "(&(objectClass=user)(objectCategory=person)(anr=123B5))"

"anr="? --> "anr=" I found this in another example for an userID.

If I search then I get many objects back: One 123B5 but in addition I got many other users objects back. 123B5_A 123B5 123B56 123B5_T

But I not use a * in the filter.

Same in PowerShell or with C#
Here my PS:

$searcher = [adsisearcher]"(&(objectClass=user)(objectCategory=person)(anr=123B5)(Mail=*))" $ADSearchResults = $searcher.FindAll()

And now it is getting strange:

$searcher = [adsisearcher]"(&(objectClass=user)(objectCategory=person)(SamAccountName=123B5))" $ADSearchResults = $searcher.FindAll()

If I use instead SamAccountName then I got only one object back.

Then I searched with ADSIEdit for "anr" but I found no field for the user with that name.