I am trying to list all users located in an organizational unit in a domain using LDAP (DirectorySearcher class).
The domain I'm connecting to is not the current domain, and the OU I'm trying to look at is on a very deep path with some OU names duplicating elsewhere, for example:
MyDomain.LOCAL / MyCompany / Clients / Contoso / Financial site / Financial services / Users
I can list all users in the domain with the following code:
    // Bind to the directory with the service account credentials.
    var directoryEntry = new DirectoryEntry(_ldapServer, _domain + "\\" +
        _systemUser, _systemPassword);
    try
    {
        // Reading NativeObject forces the bind, so bad credentials fail here.
        object obj = directoryEntry.NativeObject;
    }
    catch (Exception ex)
    {
        throw new Exception("Error authenticating system user. " + ex.Message, ex);
    }

    // Search for user objects below the bound entry.
    DirectorySearcher users = new DirectorySearcher(directoryEntry);
    users.Filter = "(&(objectClass=user)(objectCategory=Person))";
    users.PropertiesToLoad.Add("givenName");
    users.PropertiesToLoad.Add("sn");
    users.PropertiesToLoad.Add("mail");
    users.PropertiesToLoad.Add("name");
    var allFound = users.FindAll();
    foreach (SearchResult oResult in allFound)
    {
        // Process each user here.
    }
This works and returns a huge list of all users in the root (domain).
However, I want only the users under a specific unit.
I tried the following line:
    var directoryEntry = new DirectoryEntry(_ldapServer +
        "/ou=MyCompany/Clients/Contoso/Financial Site/Financial Services/Users",
        _domain + "\\" + _systemUser, _systemPassword);
Error authenticating system user. An operations error occurred.
- , DirectorySearcher OU, ?
LDAP://DomainControllerServer/OU=Users,OU=Financial Services,OU=Financial Site,OU=Contoso,OU=Clients,OU=MyCompany,DC=MyDomain,DC=LOCAL
DomainControllerServer = IP address in my case.
-- FQDN: MyDomain.LOCAL - Period-separated into DC={part} list
   |-- OU: MyCompany
       |-- OU: Clients
           |-- OU: Contoso
               |-- OU: Financial site
                   |-- OU: Financial Services
                       |-- OU: Users
(\), , : + , \ = /.
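Building the bind path from the tree above, as an added example (not code from the question or the answer): it reverses the OU list, splits the FQDN into DC parts, and backslash-escapes special characters so an OU name cannot alter the structure of the path. The names OuPath, EscapeRdn and ToAdsPath are hypothetical, every path segment is assumed to be an OU, and the escape set goes beyond the characters listed above to cover the RFC 4514 specials plus '/'.

```csharp
using System;
using System.Linq;
using System.Text;

static class OuPath
{
    // Escape one RDN value: RFC 4514 special characters plus '/',
    // which ADSI treats as a path separator inside an ADsPath.
    static string EscapeRdn(string value)
    {
        var sb = new StringBuilder();
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            // A leading space or '#' and a trailing space also need escaping.
            bool edge = (i == 0 && (c == ' ' || c == '#'))
                     || (i == value.Length - 1 && c == ' ');
            if (edge || ",+\"\\<>;=/".IndexOf(c) >= 0) sb.Append('\\');
            sb.Append(c);
        }
        return sb.ToString();
    }

    // OUs are given top-down (as in the tree) and emitted deepest-first,
    // followed by one DC= component per dot-separated part of the FQDN.
    public static string ToAdsPath(string server, string fqdn, params string[] ousTopDown)
    {
        if (ousTopDown.Any(string.IsNullOrWhiteSpace))
            throw new ArgumentException("Empty OU name", nameof(ousTopDown));
        var ous = Enumerable.Reverse(ousTopDown).Select(ou => "OU=" + EscapeRdn(ou));
        var dcs = fqdn.Split('.').Select(part => "DC=" + EscapeRdn(part));
        return "LDAP://" + server + "/" + string.Join(",", ous.Concat(dcs));
    }

    static void Main()
    {
        // Constructed sample input mirroring the tree above; the server name is a placeholder.
        Console.WriteLine(ToAdsPath("DomainControllerServer", "MyDomain.LOCAL",
            "MyCompany", "Clients", "Contoso", "Financial Site", "Financial Services", "Users"));
        // Constructed OU name containing characters that must be escaped.
        Console.WriteLine(ToAdsPath("DomainControllerServer", "MyDomain.LOCAL", "R&D, East/West"));
    }
}
```

The returned string can be passed as the first argument to the DirectoryEntry constructor in place of _ldapServer.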