我正在尝试在当前域中找到一个用户.代码是这样的:
DirectoryEntry domain = new DirectoryEntry("LDAP://CN-Users, DC=" + Environment.UserDomainName);
DirectoryEntries entries = domain.Children;
try
{
// The following line causes the exception
DirectoryEntry user = entries.Find("(&(objectCategory=user)(cn=" + userName + "))", ActiveDirectoryEntryType.User.TypeName);
user.DeleteTree();
user.CommitChanges();
}
catch
{}
我收到一个错误:
An invalid dn syntax has been specified.
我还尝试了以下代码,并得到了相同的错误:
DirectoryEntry user = entries.Find(userName, ActiveDirectoryEntryType.User.TypeName);
我在帮助文件中找不到有关正确语法的信息.有谁知道这是怎么做的?
解决方法:
您在此状态表中出错:
DirectoryEntry domain = new DirectoryEntry("LDAP://CN-Users, DC=" + Environment.UserDomainName);
我几乎可以确定它应该是:LDAP:// CN = Users,代替LDAP:// CN-Users,
第二件事是DC =“ Environment.UserDomainName,这可能是错误的,因为通常它是这样的:LDAP:// OU = Finance,dc = fabrikam,dc = com(有多个DC)
您可以使用powershell找到所有DC.运行以下命令:
New-Object DirectoryServices.DirectoryEntry