我使用以下代码从 Active Directory 获取用户详细信息
DirectoryEntry Entry = new DirectoryEntry("LDAP://dc=" + Domainname + ",dc=directoryname,dc=com", username, password, AuthenticationTypes.Secure);
DirectorySearcher DS = new DirectorySearcher(Entry);
List<string> lstPath = new List<string>();
DS.Filter = "(sAMAccountName=*)";
//DS.Filter = "(sAMAccountName=umbarglp)";
//DS.Filter = "(sAMAccountName=Adminumbarglp)";
SearchResultCollection ResultsCollection = DS.FindAll();
在此代码中我只返回 20000 条记录。我需要使用什么才能从 AD 获取所有条目?
问题是返回的最大记录数永远不会大于服务器上配置的最大记录数(请参阅SizeLimit文档)。如果可以进一步增加该数量,那将是最快的解决方案(尽管在其他程序也能够获取更多记录并导致过载的情况下可能不建议)
编辑 出于好奇,我想测试如何通过分块阅读来完成此操作,这似乎有效:
DS.SizeLimit = 10; //set small for testing, change before production ;)
DS.Filter = "(sAMAccountName=*)";
var list = new List<SearchResult>();
SearchResultCollection res;
while ((res = DS.FindAll()).Count > 0)
{
list.AddRange(res.Cast<SearchResult>());
var last = list[list.Count - 1].GetDirectoryEntry().InvokeGet("sAMAccountName").ToString()
+ "0"; // <- small cheat to prevent doubles because the search does not support > , but does support >=
DS.Filter = "(sAMAccountName>=" + last + ")";
}