問題描述
我正在嘗試通過 Active Directory 遞歸地獲取用戶的所有直接報告.所以給定一個用戶,我最終會得到一個所有用戶的列表,這些用戶有這個人作為經理,或者有一個人作為經理,有一個人作為經理......最終將輸入用戶作為經理.
I'm trying to get all the direct reports of a User through Active Directory, recursively. So given a user, i will end up with a list of all users who have this person as manager or who have a person as manager who has a person as manager ... who eventually has the input user as manager.
我目前的嘗試相當緩慢:
My current attempt is rather slow:
private static Collection<string> GetDirectReportsInternal(string userDN, out long elapsedTime)
{
Collection<string> result = new Collection<string>();
Collection<string> reports = new Collection<string>();
Stopwatch sw = new Stopwatch();
sw.Start();
long allSubElapsed = 0;
string principalname = string.Empty;
using (DirectoryEntry directoryEntry = new DirectoryEntry(string.Format("LDAP://{0}",userDN)))
{
using (DirectorySearcher ds = new DirectorySearcher(directoryEntry))
{
ds.SearchScope = SearchScope.Subtree;
ds.PropertiesToLoad.Clear();
ds.PropertiesToLoad.Add("directReports");
ds.PropertiesToLoad.Add("userPrincipalName");
ds.PageSize = 10;
ds.ServerPageTimeLimit = TimeSpan.FromSeconds(2);
SearchResult sr = ds.FindOne();
if (sr != null)
{
principalname = (string)sr.Properties["userPrincipalName"][0];
foreach (string s in sr.Properties["directReports"])
{
reports.Add(s);
}
}
}
}
if (!string.IsNullOrEmpty(principalname))
{
result.Add(principalname);
}
foreach (string s in reports)
{
long subElapsed = 0;
Collection<string> subResult = GetDirectReportsInternal(s, out subElapsed);
allSubElapsed += subElapsed;
foreach (string s2 in subResult)
{
result.Add(s2);
}
}
sw.Stop();
elapsedTime = sw.ElapsedMilliseconds + allSubElapsed;
return result;
}
本質上,這個函數將一個可分辨的名稱作為輸入(CN=Michael Stum,OU=test,DC=sub,DC=domain,DC=com),因此,對 ds.FindOne() 的調用很慢.
Essentially, this function takes a distinguished Name as input (CN=Michael Stum, OU=test, DC=sub, DC=domain, DC=com), and with that, the call to ds.FindOne() is slow.
我發現搜索 userPrincipalName 的速度要快得多.我的問題:sr.Properties["directReports"] 只是一個字符串列表,也就是distinguishedName,搜索起來似乎很慢.
I found that it is a lot faster to search for the userPrincipalName. My Problem: sr.Properties["directReports"] is just a list of strings, and that is the distinguishedName, which seems slow to search for.
我想知道,有沒有一種快速的方法可以在 distinctName 和 userPrincipalName 之間進行轉換?或者,如果我只有可使用的專有名稱,是否有更快的方法來搜索用戶?
I wonder, is there a fast way to convert between distinguishedName and userPrincipalName? Or is there a faster way to search for a user if I only have the distinguishedName to work with?
感謝您的回答!搜索經理字段將功能從 90 秒改進為 4 秒.這是新的和改進的代碼,它更快、更易讀(請注意,elapsedTime 功能中很可能存在錯誤,但該函數的實際核心是有效的):
Thanks to the answer! Searching the Manager-Field improved the function from 90 Seconds to 4 Seconds. Here is the new and improved code, which is faster and more readable (note that there is most likely a bug in the elapsedTime functionality, but the actual core of the function works):
private static Collection<string> GetDirectReportsInternal(string ldapBase, string userDN, out long elapsedTime)
{
Collection<string> result = new Collection<string>();
Stopwatch sw = new Stopwatch();
sw.Start();
string principalname = string.Empty;
using (DirectoryEntry directoryEntry = new DirectoryEntry(ldapBase))
{
using (DirectorySearcher ds = new DirectorySearcher(directoryEntry))
{
ds.SearchScope = SearchScope.Subtree;
ds.PropertiesToLoad.Clear();
ds.PropertiesToLoad.Add("userPrincipalName");
ds.PropertiesToLoad.Add("distinguishedName");
ds.PageSize = 10;
ds.ServerPageTimeLimit = TimeSpan.FromSeconds(2);
ds.Filter = string.Format("(&(objectCategory=user)(manager={0}))",userDN);
using (SearchResultCollection src = ds.FindAll())
{
Collection<string> tmp = null;
long subElapsed = 0;
foreach (SearchResult sr in src)
{
result.Add((string)sr.Properties["userPrincipalName"][0]);
tmp = GetDirectReportsInternal(ldapBase, (string)sr.Properties["distinguishedName"][0], out subElapsed);
foreach (string s in tmp)
{
result.Add(s);
}
}
}
}
}
sw.Stop();
elapsedTime = sw.ElapsedMilliseconds;
return result;
}
推薦答案
首先,當您已經擁有要查找的 DN 時,不需要將 Scope 設置為subtree".
First off, setting Scope to "subtree" is unnecessary when you already have the DN you are looking for.
此外,如何查找manager"屬性是您要查找的人的所有對象,然后迭代它們.這通常應該比其他方式更快.
Also, how about finding all objects whose "manager" property is the person you look for, then iterating them. This should generally be faster than the other way around.
(&(objectCategory=user)(manager=<user-dn-here>))
以下內容很重要,但到目前為止僅在對此答案的評論中提及:
當過濾器字符串按上述方式構建時,存在用對 DN 有效但在過濾器中具有特殊含義的字符破壞它的風險.這些必須轉義:
When the filter string is built as indicated above, there is the risk of breaking it with characters that are valid for a DN, but have special meaning in a filter. These must be escaped:
* as 2a
( as 28
) as 29
as 5c
NUL as
主站蜘蛛池模板:
成人欧美一区二区三区在线观看
|
国产高清视频在线观看
|
a级黄色毛片免费播放视频
国产精品视频在线观看
|
成人深夜福利在线观看
|
女同久久另类99精品国产
|
欧美在线观看网站
|
九九热这里
|
爱草视频
|
91麻豆精品国产91久久久资源速度
|
国产高清在线精品一区二区三区
|
日操夜操
|
亚洲精品视频一区二区三区
|
麻豆久久久久
|
97色在线观看免费视频
|
日韩一区二区三区av
|
欧美韩一区二区
|
亚洲九九色
|
国产精品18hdxxxⅹ在线
|
国产伦精品一区二区三区照片91
|
日日噜噜噜夜夜爽爽狠狠视频,
|
播放一级毛片
|
精品一区二区三区在线视频
|
久久91精品
|
久久精品在线播放
|
久草在线在线精品观看
|
免费黄色日本
|
久久久久国产精品午夜一区
|
日本一道本视频
|
羞羞视频网站免费观看
|
欧美日韩综合精品
|
欧美性video
精品亚洲一区二区
|
国产一区二区三区久久久久久久久
|
亚洲精品免费视频
|
在线四虎|
成人一区二
|
久久成人av
|
在线免费观看黄色
|
一区二区三区四区在线视频
|
人人草人人干
|
国产传媒毛片精品视频第一次
|
精品麻豆剧传媒av国产九九九
|