查询过去 24 小时内创建的所有计算机对象的 LDAP
本文关键字:对象 LDAP 计算机 创建 过去 小时 查询 | 更新日期: 2023-09-27 18:32:41
我正在尝试使用 LDAP 查询返回过去 24 小时内创建的所有计算机对象。 我的代码目前如下所示:
//Declare new DirectoryEntry and DirectorySearcher
DirectoryEntry domainRoot = new DirectoryEntry("LDAP://rootDSE");
string rootOfDomain = domainRoot.Properties["rootDomainNamingContext"].Value.ToString();
DirectorySearcher dsSearch = new DirectorySearcher(rootOfDomain);
//Set the properties of the DirectorySearcher
dsSearch.Filter = "(&(objectClass=Computer)(whenCreated>" + dateFilter.ToString() + "))";
dsSearch.PageSize = 2000;
dsSearch.PropertiesToLoad.Add("distinguishedName");
dsSearch.PropertiesToLoad.Add("whenCreated");
dsSearch.PropertiesToLoad.Add("description");
dsSearch.PropertiesToLoad.Add("operatingSystem");
dsSearch.PropertiesToLoad.Add("name");
//Execute the search
SearchResultCollection computersFound = dsSearch.FindAll();
这段代码不返回任何对象,我确信在过去 24 小时内创建了帐户。
编辑:我用以下代码修复了这个问题:
GetCompList(DateTime.Now.AddDays(-1)); //This sets the filter to one day previous
//Declare new DirectoryEntry and DirectorySearcher
DirectoryEntry domainRoot = new DirectoryEntry("LDAP://rootDSE");
string rootOfDomain = domainRoot.Properties["rootDomainNamingContext"].Value.ToString();
DirectorySearcher dsSearch = new DirectorySearcher(rootOfDomain);
//Set the properties of the DirectorySearcher
dsSearch.Filter = "(&(objectClass=Computer)(whenCreated>=" + dateFilter.ToString("yyyyMMddHHmmss.sZ") + "))";
dsSearch.PageSize = 2000;
dsSearch.PropertiesToLoad.Add("distinguishedName");
dsSearch.PropertiesToLoad.Add("whenCreated");
dsSearch.PropertiesToLoad.Add("description");
dsSearch.PropertiesToLoad.Add("operatingSystem");
dsSearch.PropertiesToLoad.Add("name");
//Execute the search
SearchResultCollection computersFound = dsSearch.FindAll();
秘诀是台词:
dsSearch.Filter = "(&(objectClass=Computer)(whenCreated>=" + dateFilter.ToString("yyyyMMddHHmmss.sZ") + "))";
事实证明,答案在于 whenCreated 过滤器的格式。 根据这篇博文,whenCreated 的过滤器必须格式化为"yyyyMMddHHmmss.sZ",其中 Z 是 UTC 的偏移量。 我所做的是创建一个名为
private void GetCompList(DateTime dateFilter) //This overloaded version of GetCompList takes a parameter of type DateTime, and only returns computers that were built after dateFilter
{
try
{
//Convert the dateFilter to a format appropriate for an LDAP query
int offset = -8;
//string strDateFilter = convertToCrazyFormat(dateFilter, offset);
//string strDateFilter = dateFilter.ToString("yyyyMMddhhmmss");
//Declare new DirectoryEntry and DirectorySearcher
DirectoryEntry domainRoot = new DirectoryEntry("LDAP://rootDSE");
string rootOfDomain = domainRoot.Properties["rootDomainNamingContext"].Value.ToString();
DirectorySearcher dsSearch = new DirectorySearcher(rootOfDomain);
//Set the properties of the DirectorySearcher
dsSearch.Filter = "(&(objectClass=Computer)(whenCreated>=" + dateFilter.ToString("yyyyMMddHHmmss.s" + offset.ToString()) + "))";
dsSearch.PageSize = 2000;
dsSearch.PropertiesToLoad.Add("distinguishedName");
dsSearch.PropertiesToLoad.Add("whenCreated");
dsSearch.PropertiesToLoad.Add("description");
dsSearch.PropertiesToLoad.Add("operatingSystem");
dsSearch.PropertiesToLoad.Add("name");
然后我像这样调用该方法:
GetCompList(DateTime.Now.AddDays(-1));//Pass in a negative value that represents the time period you want objects from, in this case the last day