Question

对某些C＃LDAP查询有点问题。最紧凑的一个是我似乎缺少预期数据集的大约1/3。

结果集附有两个屏幕截图。

关于C＃过滤器

我在这里生成过滤器

  public string GenerateFilter()
    {
        var LastRunDateTime = Variables.LastRunDateTime;
        var filter = "(ObjectClass=group)";

        /*
        string filter = string.Format(
             "(&(ObjectClass=group)(whenChanged>={0:yyyyMMddHHmmss.0Z}))",//This is the DateTime format it takes.
             LastRunDateTime.AddHours(-11) // Always use UTC to make life easy. Otherwise you need to change the above time formatting.
       );                    */
        return filter;
    }

我已经注释掉了第一次运行返回相同计数的初始代码

关于代码中的工作部分，我无法看到为什么它没有返回所有值。

我一直在检查缺失值（设法用一点逻辑跟踪它们），它们之间几乎没有配置差异。

    public override void CreateNewOutputRows()
    {
        /*
          Add rows by calling the AddRow method on the member variable named "<Output Name>Buffer".
          For example, call MyOutputBuffer.AddRow() if your output was named "MyOutput".
        */
        DataTable workTable = new DataTable("Ad_Users");
        DataColumn workColumn = workTable.Columns.Add("SID", typeof(string));
        workTable.Columns.Add("ObjectCategory", typeof(string));
        workTable.Columns.Add("ObjectGUID", typeof(string));
        workTable.Columns.Add("CanonicalName", typeof(string));
        workTable.Columns.Add("SAMAccount", typeof(string));
        workTable.Columns.Add("distinguishedName", typeof(string));
        workTable.Columns.Add("DisplayName", typeof(string));
        workTable.Columns.Add("Description", typeof(string));
        workTable.Columns.Add("WhenCreated", typeof(DateTime));
        workTable.Columns.Add("WhenChanged", typeof(DateTime));
        // workTable.Columns.Add("MemberOf", typeof(string));

        var domainController = "[REDACTED]";
        using (var domain = new System.DirectoryServices.DirectoryEntry("LDAP://" + domainController))
        {
            using (var searcher = new DirectorySearcher(domain, GenerateFilter()))
            {
                searcher.PropertiesToLoad.Add("ObjectSID");
                searcher.PropertiesToLoad.Add("ObjectCategory");
                searcher.PropertiesToLoad.Add("ObjectGuid");
                searcher.PropertiesToLoad.Add("CN");
                searcher.PropertiesToLoad.Add("SAMAccountName");
                searcher.PropertiesToLoad.Add("DisplayName");
                searcher.PropertiesToLoad.Add("distinguishedName");
                searcher.PropertiesToLoad.Add("Description");
                searcher.PropertiesToLoad.Add("WhenCreated");
                searcher.PropertiesToLoad.Add("WhenChanged");
                //  searcher.PropertiesToLoad.Add("MemberOf");

                foreach (SearchResult result in searcher.FindAll())
                {
                    var de = result.GetDirectoryEntry();

                    var sidInBytes = (byte[])de.Properties["ObjectSID"].Value;
                    var GUID = (byte[])de.Properties["ObjectGuid"].Value;
                    Guid guid = new Guid(GUID);

                    //INSERT VALUES INTO DATATABLE
                    DataRow workRow = workTable.NewRow();
                    workRow["SID"] = new System.Security.Principal.SecurityIdentifier(sidInBytes, 0);
                    workRow["ObjectCategory"] = de.Properties["ObjectCategory"].Value;
                    workRow["ObjectGUID"] = guid;
                    workRow["CanonicalName"] = de.Properties["CN"].Value;
                    workRow["SAMAccount"] = de.Properties["SAMAccountName"].Value;
                    workRow["DisplayName"] = de.Properties["DisplayName"].Value;
                    workRow["distinguishedName"] = de.Properties["distinguishedName"].Value;
                    workRow["Description"] = de.Properties["Description"].Value;
                    workRow["WhenCreated"] = Convert.ToDateTime(de.Properties["WhenCreated"].Value);
                    workRow["WhenChanged"] = Convert.ToDateTime(de.Properties["WhenChanged"].Value);

                    Output0Buffer.AddRow();
                    Output0Buffer.ObjectSID = workRow["SID"].ToString();
                    Output0Buffer.ObjectCategory = workRow["ObjectCategory"].ToString();
                    Output0Buffer.ObjectGUID = workRow["ObjectGUID"].ToString();
                    Output0Buffer.CanonicalName = workRow["CanonicalName"].ToString();
                    Output0Buffer.SamAccountName = workRow["SAMAccount"].ToString();
                    Output0Buffer.DisplayName = workRow["DisplayName"].ToString();
                    Output0Buffer.DistinguishedName = workRow["distinguishedName"].ToString();
                    Output0Buffer.Description = workRow["Description"].ToString();
                    Output0Buffer.WhenCreated = Convert.ToDateTime(workRow["WhenCreated"]);
                    Output0Buffer.WhenChanged = Convert.ToDateTime(workRow["WhenChanged"]);
                }
            }
        }
    }
}

如果有人能够提供帮助，我们将不胜感激

Answer 1

要获得可比较的结果，您应该使用

Get-ADGroup -LDAPFilter "(objectClass=group)"

C＃脚本LDAP未返回所有组

1 个答案: