Geek Answers Handbook

In .Net 4.0, can DirectorySearch return LDAP results in a way that allows me to browse pages through them?

I work in C # and try to use DirectorySearch to query groups of the extremely large Microsoft ActiveDirectory LDAP server.

So, in my application I will have a computed list of searchable groups. Naturally, I donโ€™t want to clog my LDAP server, passing me the whole set of results for these queries every time I click โ€œNext Pageโ€.

Is there a way, using DirectorySearch, to retrieve ONLY one arbitrary page result, and not return the entire result in a single method call?

Related questions:

There are many such questions when someone asks about swap (from the LDAP server to the application server) and receives answers related to the PageSize and SizeLimit parameters. However, these properties only affect the search call between the C # server and the LDAP server, and ultimately the only relevant methods that DirectorySearch have are FindOne () and FindAll ().

What I'm looking for is basically โ€œFindPaged (pageSize, pageNumber)โ€ (the page number is a really important bit. I don't need the first 1000 results, I want (for example) the 100th set of 1000. The application cannot wait for 100,000 entries that will be transferred from the LDAP server to the application server, even if they are divided into 1000 entries.

I understand that DirectoryServices.Protocols has SearchRequest, which (I think?) Allows you to use "PageResultRequestControl", which looks like it has what I'm looking for (although it looks like the swap information is being sent to cookies ", which I'm not sure how I should have received.) But if there is a way to do this without rewriting everything in order to use the protocols instead, I would prefer not to.

I just can't imagine there is no way to do this ... Even SQL has a Row_Number.

UPDATE: PageResultRequestControl does not help - it is only for direct and sequential (you must call and get the first N results before you can get the cookie token needed to make the call to get the result N + 1).

However, the cookie has some kind of reproducible order ... In the result set that I worked on, I repeated one by one according to the results, and every time the cookie came out this way:

1: {8, 0, 0, 0} 2: {11, 0, 0, 0} 3: {12, 0, 0, 0} 4: {16, 0, 0, 0}

When I repeated two or two, I got the same numbers (11, 16). This makes me think that if I could define a code for how these numbers are generated, I could create an ad-hoc cookie that would give me exactly the paging I'm looking for.

+7
source share
3 answers

Unfortunately, it seems that this cannot be done given the current C # libraries.

All standard C # 4.0 LDAP libraries return Top-N results (like in, FindAll (), which returns every result, FindOne (), which returns the first result, or SearchResult using PageResultRequestControl, which returns N results through N + M, but you need to get results from 1 to N-1 before you have a cookie token, which you can pass with a request to get the next set.

I could not find third-party LDAP libraries that allow this.

If no better solution is found, my way forward will be to change the interface to display the results of the top X instead, without the possibility of paging the client (obviously, still use server-side swapping, if necessary).

I can use the swap system only for direct access later, by sending the updated cookie to the client with the response and passing it by clicking the "More Results" button. It might be worth considering whether these cookies can be processed manually or not.

UPDATE: I spoke with Microsoft Support and confirmed this. Cannot perform dynamic paging with LDAP servers. This is a limitation of the LDAP servers themselves.

You can use Protocols and Paging control (if your LDAP server supports it), step by step as desired, but there is no interserver (or even cross) standard for a cookie, so you cannot intelligently create your own, and there is no guarantee. that the cookie can be reused for repeated requests.

The complete solution involves using protocols (with paging as described above) to pull your result set into SQL, whether into a temp table or a persistent storage table, and allow the user to view and sort the THAT result in a traditional manner. Keep in mind that your results will not be accurately updated, but with some smart cache updates you can minimize this risk.

+3
source

The PageResultRequestControl is really a way to do this, it is part of the LDAP protocol. Sorry, you just need to find out what this means for your code. There should be a way to use it from wherever you are, but having said that, I work in Java and I just needed to write a dozen query controls and advanced classes to use with JNDI so that you might be out of luck .. or you may have to do as I do. A warning. ASN.1 parsing goes far from the following: - |

+3
source

Perhaps you want to iterate through your "pages" using the range attribute:

---- copy and paste ----

This example retrieves records 0-500 inclusive.

 DirectoryEntry group = new DirectoryEntry("LDAP://CN=Sales,DC=Fabrikam,DC=COM"); DirectorySearcher groupMember = new DirectorySearcher (group,"(objectClass=*)",new string[]{"member;Range=0-500"},SearchScope.Base); SearchResult result = groupMember.FindOne(); // Each entry contains a property name and the path (ADsPath). // The following code returns the property name from the PropertyCollection. String propName=String.Empty; foreach(string s in result.Properties.PropertyNames) { if ( s.ToLower() != "adspath") { propName = s; break; } } foreach(string member in result.Properties[propName]) { Console.WriteLine(member); }

---- copy and paste ----

for more information see:

Enumeration of members in a large group https://msdn.microsoft.com/en-us/library/ms180907.aspx

Range of attribute values https://msdn.microsoft.com/en-us/library/cc223242.aspx

Search by range search https://msdn.microsoft.com/en-us/library/aa367017.aspx

0
source

More articles:


All Articles