2017年11月8日 星期三

LDAP simple query and C# approach

Find all users

(&(objectClass=user)(objectClass=person))

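Find all active users. The matching rule 1.2.840.113556.1.4.803 is a bitwise AND, and value 2 is the account-disabled flag of userAccountControl, so the negated term keeps only enabled accounts. Active Directory accepts the short form below; the RFC 4515 form wraps the negated term in its own parentheses: (!(userAccountControl:1.2.840.113556.1.4.803:=2))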

(&(objectClass=user)(objectClass=person)(!userAccountControl:1.2.840.113556.1.4.803:=2))

Find all active users that have a non-empty email address and display name

(&(objectClass=user)(objectClass=person)(!userAccountControl:1.2.840.113556.1.4.803:=2)(mail=*)(displayName=*))


C# approach


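/// <summary>
/// Runs a paged directory search for user objects and maps every hit to a <see cref="UserProfile"/>.
/// </summary>
/// <param name="ldapQueryString">
/// Additional filter clause(s) that are spliced verbatim into the AND filter after
/// <c>(objectClass=user)(objectClass=person)</c>. Nothing is escaped here, so the fragment
/// must be assembled by trusted code; any user-supplied value inside it has to be escaped
/// as an LDAP filter value (RFC 4515: <c>\</c>, <c>*</c>, <c>(</c>, <c>)</c> and NUL) before
/// it reaches this method, otherwise the caller can widen or rewrite the search.
/// </param>
/// <returns>
/// The matching profiles, or <c>null</c> when the search fails (the exception is logged,
/// not rethrown).
/// </returns>
/// <remarks>
/// The search runs inside <c>HostingEnvironment.Impersonate()</c>, i.e. under the
/// application's identity rather than the requesting user's, so callers must apply their
/// own authorization before handing the returned profiles to an end user.
/// </remarks>
public List<UserProfile> GetAllUser(string ldapQueryString)
        {
            try
            {
                using (HostingEnvironment.Impersonate())
                {
                    // Drop the cached entry before touching SearchRoot.
                    // NOTE(review): presumably SearchRoot rebuilds it lazily under the
                    // impersonated identity - confirm against the property's definition.
                    _directoryEntry = null;

                    // DirectorySearcher and SearchResultCollection hold unmanaged directory
                    // resources; the original never released them.
                    using (DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot))
                    {
                        directorySearch.Filter = string.Format("(&(objectClass=user)(objectClass=person){0})", ldapQueryString);
                        // A non-zero PageSize makes the searcher page through results
                        // instead of stopping at the server's single-response limit.
                        directorySearch.PageSize = 500;

                        using (SearchResultCollection allUsers = directorySearch.FindAll())
                        {
                            if (allUsers == null)
                            {
                                return null;
                            }

                            List<UserProfile> users = new List<UserProfile>();
                            foreach (SearchResult u in allUsers)
                            {
                                // UserProfile copies every attribute it needs in its
                                // constructor, so the entry can be released right away.
                                using (DirectoryEntry de = new DirectoryEntry(u.Path))
                                {
                                    users.Add(UserProfile.GetUser(de));
                                }
                            }
                            return users;
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                // The original logged "GetUserByFullName" here, which pointed at the wrong method.
                LogHelper.Error<ActiveDirectoryHelper>("GetAllUser Exception: ", ex);
                return null;
            }
        }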

UserProfile Class
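/// <summary>
/// Read-only snapshot of one directory user. All attribute values are copied out of the
/// <c>DirectoryEntry</c> in the constructor, so an instance does not keep the entry alive.
/// </summary>
/// <remarks>
/// Instances carry personal data (address, phone numbers, e-mail); avoid writing whole
/// objects to logs or returning them to callers that have not been authorized to see them.
/// </remarks>
public class UserProfile
    {
        private readonly Guid _guid;
        private readonly String _distinguishedName;
        private readonly String _displayName;
        private readonly String _firstName;
        private readonly String _middleName;
        private readonly String _lastName;
        private readonly String _loginName;
        private readonly String _loginNameWithDomain;
        private readonly String _streetAddress;
        private readonly String _city;
        private readonly String _state;
        private readonly String _postalCode;
        private readonly String _country;
        private readonly String _homePhone;
        private readonly String _extension;
        private readonly String _mobile;
        private readonly String _fax;
        private readonly String _emailAddress;
        private readonly String _title;
        private readonly String _company;
        private readonly String _manager;      // raw value of the Properties.MANAGER attribute
        private readonly String _managerName;  // first RDN value of _manager; null when no manager is set
        private readonly String _department;

        /// <summary>The <c>Guid</c> of the directory entry.</summary>
        public Guid GUID
        {
            get { return _guid; }
        }

        /// <summary>Value read via <c>Properties.DISTINGUISHEDNAME</c>; empty when absent.</summary>
        public string DistinguishedName
        {
            get { return _distinguishedName; }
        }

        /// <summary>Value read via <c>Properties.DEPARTMENT</c>; empty when absent.</summary>
        public String Department
        {
            get { return _department; }
        }

        /// <summary>Value read via <c>Properties.FIRSTNAME</c>; empty when absent.</summary>
        public String FirstName
        {
            get { return _firstName; }
        }

        /// <summary>Value read via <c>Properties.MIDDLENAME</c>; empty when absent.</summary>
        public String MiddleName
        {
            get { return _middleName; }
        }

        /// <summary>Value read via <c>Properties.LASTNAME</c>; empty when absent.</summary>
        public String LastName
        {
            get { return _lastName; }
        }

        /// <summary>Value read via <c>Properties.DISPLAYNAME</c>; empty when absent.</summary>
        public String DisplayName
        {
            get { return _displayName; }
        }

        /// <summary>Value read via <c>Properties.LOGINNAME</c>; empty when absent.</summary>
        public String LoginName
        {
            get { return _loginName; }
        }

        /// <summary>
        /// <c>domain\login</c>, where the domain part is the first DNS label of the user
        /// principal name's suffix (empty when the UPN is missing or has no <c>@</c>).
        /// </summary>
        /// <remarks>
        /// NOTE(review): the first label of a UPN suffix is not guaranteed to equal the
        /// domain's NetBIOS name, so treat this as a display value and do not base
        /// authentication or authorization decisions on it.
        /// </remarks>
        public String LoginNameWithDomain
        {
            get { return _loginNameWithDomain; }
        }

        /// <summary>Value read via <c>Properties.STREETADDRESS</c>; empty when absent.</summary>
        public String StreetAddress
        {
            get { return _streetAddress; }
        }

        /// <summary>Value read via <c>Properties.CITY</c>; empty when absent.</summary>
        public String City
        {
            get { return _city; }
        }

        /// <summary>Value read via <c>Properties.STATE</c>; empty when absent.</summary>
        public String State
        {
            get { return _state; }
        }

        /// <summary>Value read via <c>Properties.POSTALCODE</c>; empty when absent.</summary>
        public String PostalCode
        {
            get { return _postalCode; }
        }

        /// <summary>Value read via <c>Properties.COUNTRY</c>; empty when absent.</summary>
        public String Country
        {
            get { return _country; }
        }

        /// <summary>Value read via <c>Properties.HOMEPHONE</c>; empty when absent.</summary>
        public String HomePhone
        {
            get { return _homePhone; }
        }

        /// <summary>Value read via <c>Properties.EXTENSION</c>; empty when absent.</summary>
        public String Extension
        {
            get { return _extension; }
        }

        /// <summary>Value read via <c>Properties.MOBILE</c>; empty when absent.</summary>
        public String Mobile
        {
            get { return _mobile; }
        }

        /// <summary>Value read via <c>Properties.FAX</c>; empty when absent.</summary>
        public String Fax
        {
            get { return _fax; }
        }

        /// <summary>Value read via <c>Properties.EMAILADDRESS</c>; empty when absent.</summary>
        public String EmailAddress
        {
            get { return _emailAddress; }
        }

        /// <summary>Value read via <c>Properties.TITLE</c>; empty when absent.</summary>
        public String Title
        {
            get { return _title; }
        }

        /// <summary>Value read via <c>Properties.COMPANY</c>; empty when absent.</summary>
        public String Company
        {
            get { return _company; }
        }

        /// <summary>
        /// The manager's profile, looked up by <see cref="ManagerName"/>; <c>null</c> when no
        /// manager name is available.
        /// </summary>
        /// <remarks>
        /// Every read creates an <c>ActiveDirectoryHelper</c> and calls
        /// <c>GetUserByFullName</c>, so cache the result rather than reading this in a loop.
        /// NOTE(review): the name comes from directory data and is presumably placed into a
        /// search filter by <c>GetUserByFullName</c> - confirm that method escapes it as an
        /// LDAP filter value. A lookup by name can also match the wrong person when names
        /// collide; the manager's distinguished name identifies the entry unambiguously.
        /// </remarks>
        public UserProfile Manager
        {
            get
            {
                if (String.IsNullOrEmpty(_managerName))
                {
                    return null;
                }

                ActiveDirectoryHelper activeDirectoryHelper = new ActiveDirectoryHelper();
                return activeDirectoryHelper.GetUserByFullName(_managerName);
            }
        }

        /// <summary>
        /// Value of the first component of the manager attribute with a leading <c>CN=</c>
        /// removed; <c>null</c> when the manager attribute is empty.
        /// </summary>
        public String ManagerName
        {
            get { return _managerName; }
        }


        /// <summary>
        /// Copies the attributes of <paramref name="directoryUser"/> into this instance.
        /// </summary>
        /// <param name="directoryUser">Directory entry to read; not retained afterwards.</param>
        private UserProfile(DirectoryEntry directoryUser)
        {
            _guid = directoryUser.Guid;
            _distinguishedName = GetProperty(directoryUser, Properties.DISTINGUISHEDNAME);
            _firstName = GetProperty(directoryUser, Properties.FIRSTNAME);
            _middleName = GetProperty(directoryUser, Properties.MIDDLENAME);
            _lastName = GetProperty(directoryUser, Properties.LASTNAME);
            _displayName = GetProperty(directoryUser, Properties.DISPLAYNAME);
            _loginName = GetProperty(directoryUser, Properties.LOGINNAME);
            String userPrincipalName = GetProperty(directoryUser, Properties.USERPRINCIPALNAME);

            // The original indexed Split('@')[1] unconditionally and threw
            // IndexOutOfRangeException for a principal name without '@'.
            String domainAddress = String.Empty;
            if (!string.IsNullOrEmpty(userPrincipalName))
            {
                String[] upnParts = userPrincipalName.Split('@');
                if (upnParts.Length > 1)
                {
                    domainAddress = upnParts[1];
                }
            }

            // Split always yields at least one element, so [0] is safe here.
            String domainName = string.IsNullOrEmpty(domainAddress)
                ? String.Empty
                : domainAddress.Split('.')[0];

            _loginNameWithDomain = String.Format(@"{0}\{1}", domainName, _loginName);
            _streetAddress = GetProperty(directoryUser, Properties.STREETADDRESS);
            _city = GetProperty(directoryUser, Properties.CITY);
            _state = GetProperty(directoryUser, Properties.STATE);
            _postalCode = GetProperty(directoryUser, Properties.POSTALCODE);
            _country = GetProperty(directoryUser, Properties.COUNTRY);
            _company = GetProperty(directoryUser, Properties.COMPANY);
            _department = GetProperty(directoryUser, Properties.DEPARTMENT);
            _homePhone = GetProperty(directoryUser, Properties.HOMEPHONE);
            _extension = GetProperty(directoryUser, Properties.EXTENSION);
            _mobile = GetProperty(directoryUser, Properties.MOBILE);
            _fax = GetProperty(directoryUser, Properties.FAX);
            _emailAddress = GetProperty(directoryUser, Properties.EMAILADDRESS);
            _title = GetProperty(directoryUser, Properties.TITLE);
            _manager = GetProperty(directoryUser, Properties.MANAGER);

            if (!String.IsNullOrEmpty(_manager))
            {
                _managerName = GetFirstRdnValue(_manager);
            }
        }


        /// <summary>
        /// Returns the value of the first component of a distinguished name, without a
        /// leading <c>CN=</c>.
        /// </summary>
        /// <remarks>
        /// The original split on every comma, which truncated names that contain an escaped
        /// comma such as <c>CN=Doe\, John,OU=...</c>. Backslash-escaped characters are now
        /// skipped when looking for the separator and unescaped in the result; escapes
        /// written as hex pairs are left untouched.
        /// </remarks>
        private static String GetFirstRdnValue(String distinguishedName)
        {
            int end = distinguishedName.Length;
            for (int i = 0; i < distinguishedName.Length; i++)
            {
                char c = distinguishedName[i];
                if (c == '\\')
                {
                    i++; // the next character is escaped and cannot be a separator
                    continue;
                }
                if (c == ',')
                {
                    end = i;
                    break;
                }
            }

            String rdn = distinguishedName.Substring(0, end);
            if (rdn.StartsWith("CN=", StringComparison.Ordinal))
            {
                rdn = rdn.Substring(3);
            }

            char[] buffer = new char[rdn.Length];
            int length = 0;
            for (int i = 0; i < rdn.Length; i++)
            {
                char c = rdn[i];
                if (c == '\\' && i + 1 < rdn.Length && !Uri.IsHexDigit(rdn[i + 1]))
                {
                    i++;
                    c = rdn[i];
                }
                buffer[length++] = c;
            }
            return new String(buffer, 0, length);
        }


        /// <summary>
        /// Reads the first value of <paramref name="propertyName"/> from the entry as a string.
        /// </summary>
        /// <returns>The value, or an empty string when the property is absent or has no value.</returns>
        private static String GetProperty(DirectoryEntry userDetail, String propertyName)
        {
            if (!userDetail.Properties.Contains(propertyName))
            {
                return string.Empty;
            }

            var values = userDetail.Properties[propertyName];
            if (values.Count == 0 || values[0] == null)
            {
                return string.Empty;
            }
            return values[0].ToString();
        }

        /// <summary>
        /// Factory for <see cref="UserProfile"/>; the constructor is private.
        /// </summary>
        /// <param name="directoryUser">Directory entry to copy the attributes from.</param>
        public static UserProfile GetUser(DirectoryEntry directoryUser)
        {
            return new UserProfile(directoryUser);
        }
    }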


Reference
LDAP Query Basics
KB for query disabled user
