Active Directory search of Global Catalog When Using Sys.AD.AM .Net 3.5 Class
I am using the System.DirectoryServices.AccountManagement class for querying the Active Directory.
I'm able to query the domain using various contexts fine, but every example I've found requires a domain name.
string domain = "MYDOMAIN";
PrincipalContext ctx= new PrincipalContext(ContextType.Domain, domain);
Normally this wouldn't be a problem, however, we have some users who exist on a sub-domain. I've found a means of searching for their account details by parsing the domain information out of their user.identity.name.
string loggedUser = User.Identity.Name;
string domain = loggedUser.Sp开发者_如何转开发lit(new char { '\\' })[0];
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domain);
using (ctx) {
// Do searches, etc. here
}
We were hoping to swap over to use of GUIDs as our unique identifier, as I am lead to believe that GUIDs are unique across all domains, whereas names can change (marriages, divorces, etc.)
Using an old directory searcher web service, we are able to query the Global Catalog (GC) and find the user regardless of their domain or sub-domain, since the domains are trusted...I'm looking for that same 'feature' of a GC search using the new 3.5 S.DS.AM class. Is it even possible?
First, domain isn't required:
var principalContext = new PrincipalContext(ContextType.Domain);
But that doesn't help you. I think you need to build a list of domains. Then you could use S.DS.AM to search each domain. You could build your list of domains using an S.DS.ActiveDirectory Forest object. Or you could do a GC search using S.DS.DirectorySearcher using the GC:// moniker.
精彩评论