I'm trying to access an LDAP directory via the SearchRequest object in C#. I can make the same calls via an LDAP library running in and iPhone app, as well as directly via a terminal session. However, the C# queries all seem to fail.
var search = new SearchRequest("ou=calendar,dc=ualberta,dc=ca", "term=*,course=094398,class=*", System.DirectoryServices.Protocols.SearchScope.Subtree, attributeLst);
This returns a list of terms for the course calendar. However, making the following calls won't return results for specific courses
var search = new SearchRequest("ou=calendar,dc=ualberta,dc=ca", "term=1330,course=094398", System.DirectoryServices.Protocols.SearchScope.Subtree, attributeLst);
The attributeLst object has proper attribute names included, but the query always returns with zero results.
Any suggestions anyone has would be greatly appreciated. Thanks.
Could it be related to the underlying LDAP property, i.e course's ldap datatype, i.e. is it one of the various strings or an integer in the LDAP store, if so the leading zero may throw it off? Also, I'm curious, logical and's (atleast when querying AD which is an LDAP implementation - not sure what your underlying store is) typically follow something like this:
(&(term=1330)(course=094398))
Related
We want to query a SharePoint tenant periodically for any new sites/subsites created since the last time the query was run (e.g. once every 5 minutes).
We are open to running graph queries at the SharePoint tenant level or the SharePoint site collection level.
This tenant has >50,000 sites + subsites in it. Enumerating them all takes too long. So we are hoping to create a graph query that can identify only sites with a creation date within a narrow range so we can make this process faster.
Cany anyone share more information on how to achieve such a query across the tenant, or site collection, for site creation date? Thanks in advance.
The fastest way to list all tenant's sites (large amount) is querying a hidden system list. It requires to have the right permissions to read listitems.
First, list all SP lists via the query: https://graph.microsoft.com/v1.0/sites/<yourtenant>-admin.sharepoint.com/Lists/?select=id,name
Next, via MS graph, you can query and filter the listitems in the list with the displayname DO_NOT_DELETE_SPLIST_TENANTADMIN_ALL_SITES_AGGREGATED_SITECOLLECTIONS as all sites' references are there. You can use the integrated pagination URL in #odata.nextLink property. Read : https://learn.microsoft.com/en-us/graph/paging
Also, another option, via a search query it is possible too :
https://graph.microsoft.com/v1.0/sites?search='<site_name_or_alias>'&filter=createdDateTime ge '2020-10-26T00:00:00Z'.
However, beware of the fact that just a few properties are supported for filtering if you use the search.
I am trying to find the relevant C# API for Powershell's Get-ADDomain. I don't want to invoke the Powershell commands in C#. Instead I am looking for one or multiple C# API with which I can retrieve all the values.
Get-ADDomain -Identity user.com
I tried searching through DOT net API's but couldn't find a relevant one. I found Domain class. But I am not sure how to get all the info using GetDomain
System.DirectoryServices.ActiveDirectory.Domain.GetDomain(DirectoryContext)
Can someone help in finding the relevant C# API that I can use to retrieve all the values of Get-ADDomain?
If you want to get the domain info for the domain that the computer is a member of or the domain that the user running the script is a member of (if they are the same, flip a coin), you can use a different method on the same class you're already trying to use:
For computer's domain:
[System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain()
For user's domain:
[System.DirectoryServices.ActiveDirectory.Domain]::GetUserDomain()
...yes it's in PowerShell but just invoke the either of the two methods above and they internally pass in the DirectoryContext relative to what you're looking for.
You might also get more information you're looking for by going up to the forest and retrieving that info as well:
[System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
I am doing a proof of concept to accept address as input and provide suggestions to user using google geo-code service.
I have written .Net Code to access google API. http://maps.googleapis.com/maps/api/geocode/xml?address=123+main+srt&components=country:US
when i access above URL only 10 results are returned.
Search terms/addresses i used to search are "123 main srt" and "123"
From the docs:
Generally, only one entry in the "results" array is returned for
address lookups,though the geocoder may return several results when
address queries are ambiguous.
So a sucessfull request will have at least 1 result, may have more, but must not have more results than 1(or 10).
I need help with retrieving all possible properties(Distinguished Name , etc) and values from a LDAP server using C# 4.0 code.
My end user is simply going to enter the name of the LDAP server in my application.
The LDAP server can be a private server or an open LDAP server as available in this page Public LDAP servers.
I am using System.DirectoryServices.Protocols.LdapConnection class to connect to the LDAP servers and System.DirectoryServices.Protocols.SearchRequest class to retrieve the values.
Here's my problem :
The System.DirectoryServices.Protocols.SearchRequest class requires the distinguished name of the server as a parameter to retrieve users, group etc.
My end-user will simply be entering the server name.
I have to get the distinguished name from the server via my C# code. I am unable to find(even google out) a C# solution for my problem.
I found an application online that actually does what I wanted.
I simply provided LDAP server name and it retrieved the values(distinguished name, port no, etc) from that server.
Could someone please provide me a solution to get the values using C# .NET 4.0.
I cannot use any paid third party softwares or dlls.
LDAP does not use properties, it has attributes. To fetch attributes from a server, an LDAP client must connect to the server, authenticate the connection using the BIND request, and then transmit a search request to the server and interpret the server's response. A search request consists of the following at a minimum:
base object
search scope
search filter
list of attributes to retrieve
Properly coded LDAP clients will include a size limit and time limit in addition to the above required elements.
The search result from the server will contain an integer result code, and a list of objects that matched the search request parameters (filtered by the search filter). A search can be successful but return no entries.
If the base object is not known, transmit a search request for the namingContexts attribute in the root DSE. The root DSE can only be obtained by using a base object of "" and a search scope of 'base'. The filter should be (&) or (objectClass=*). The directory server publishes certain information, including the namingContexts, in the root DSE, although that information is subject to access controls like everything else.
see also
LDAP: Search Best Practices
LDAP: Programming Best Practices
LDAP: The Root DSE
can someone explain the makeup of the ldap string parts.
the one i have is:
string strSQL = "SELECT mail FROM 'LDAP://DC=amrs,DC=win,DC=ml,dc=COM' WHERE samaccountname = '" + UserName.Replace(#"AMRS\", "") + "'";
this gets an email for a particular username. now i need to get other info from an ldap query and fail to get the setting correct and also i have no clue what the values are in the ldap settings. "LDAP://DC=amrs,DC=win,DC=ml,dc=COM"
can anyone explain this to me please?
The DC= prefix in the LDAP string stands for domain component (dc). These are the parts that make up the domain of your LDAP server. Those are fixed and need to be used for any object on that server.
In "DNS style", this would read: (something).amrs.win.ml.com (e.g. a server name, machine name etc.)
Richard Mueller has a great post explaining the most commonly found prefixes in LDAP bind strings - stuff like dc=, ou= (organizational unit) or cn= (common name).
It depends on your particular LDAP schema. Try an LDAP browser like JXplorer to find out how your Schema is structured. It's also great for trying out queries like this.
DC is short for Domain Component. The LDAP: URL describes a subtree on your particular server. Your where clause queries the entries for the attribute samaccountname for that match.
You are simply issuing a query to the LDAP server. Like anything else out there it has its own format for querying it. I wouldn't call it a language but it certainly must be formatted correctly. You need to find a basic tutorial on LDAP and the components that can be looked up in your LDAP directory, like for Windows. You can also look at items like this:
Active Directory LDAP Query by sAMAccountName and Domain
to see how things are done and learn by example. For me, it's a little like regular expressions though not near as cryptic, I have to look it up every time if I need something but at least I can recognize parts when I see it, like on DC, I may have dc=mydomain,dc=org. I know by looking that is my top level where I start my query. From there I have to look it up.