LDAP排序规则失败

Question

我正在尝试对AD LDS进行ldap查询,以使用户对cn属性进行排序.排序顺序规则不应该是默认的英语,但它应该按照瑞典语排序.我正在使用.Net中的System.DirectoryServices.Protocols API执行此操作.

为了重现,我已经在端口389上安装了一个AD LDS实例,并安装了用户对象类.

使用以下代码(base是从执行简单搜索中复制的).订购规则已从此处获取.

public class LdapSorter
{

    public void SearchUsersSorted()
    {
        string hostOrDomainName = "localhost";
        string targetOu = "cn=Test";

        // create a search filter to find all objects
        string ldapSearchFilter = "(objectClass=user)";

        // establish a connection to the directory
        LdapConnection connection = new LdapConnection(hostOrDomainName);
        connection.SessionOptions.ProtocolVersion = 3;

        Console.WriteLine("\r\nPerforming a simple search ...");

        try
        {
            SearchRequest searchRequest = new SearchRequest
                                            (targetOu,
                                              ldapSearchFilter,
                                              SearchScope.OneLevel,
                                              null);

            searchRequest.Controls.Add(new SortRequestControl("cn", "1.2.840.113556.1.4.1594", false));
            //searchRequest.Controls.Add(new SortRequestControl("cn", false));
            //searchRequest.Controls.Add(new SortRequestControl("cn", true));

            // cast the returned directory response as a SearchResponse object
            SearchResponse searchResponse =
                        (SearchResponse)connection.SendRequest(searchRequest);

            Console.WriteLine("\r\nSearch Response Entries:{0}",
                        searchResponse.Entries.Count);

            // enumerate the entries in the search response
            foreach (SearchResultEntry entry in searchResponse.Entries)
            {
                Console.WriteLine("{0}:{1}",
                    searchResponse.Entries.IndexOf(entry),
                    entry.DistinguishedName);
            }
        }
        catch (DirectoryOperationException e)
        {
            Console.WriteLine("\nUnexpected exception occured:\n\t{0}\n{1}",
                              e, e.Response.ErrorMessage);
            var control = e.Response.Controls.First(c => c is SortResponseControl) as SortResponseControl;
            if (control != null)
            {
                Console.WriteLine("\nControl result: " + control.Result);
            }
        }
    }
}

这是输出:

Performing a simple search ...

Unexpected exception occured:
    System.DirectoryServices.Protocols.DirectoryOperationException: The server does not support the control. The control is critical.
   at System.DirectoryServices.Protocols.LdapConnection.ConstructResponse(Int32 messageId, LdapOperation operation, ResultAll resultType, TimeSpan requestTimeOut, Boolean exceptionOnTimeOut)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
   at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request)
   at Sort.LdapSorter.SearchUsersSorted() in C:\Source\slask\DotNetSlask\Sort\LdapSorter.cs:line 41
00000057: LdapErr: DSID-0C090A3D, comment: Error processing control, data 0, v3839

Control result: InappropriateMatching

如果使用已注释掉的两个排序请求控件之一,那么它可以工作,但具有英文排序顺序.

Answer 1

所以，我对它可能是什么有两个主要猜测。首先，（看起来你已经有了一些）看看这篇文章。

如何解决“服务器不支持控件。控件至关重要。” 活动目录错误

可能想尝试身份验证部分，看看它是否对您有任何改变。

其次，您用于排序的 OID 是针对瑞典语的（可能是故意的），但服务器可能无法在没有瑞典语语言包（或类似的东西）的情况下以瑞典语进行排序。您可以尝试“英语（美国）”选项（1.2.840.113556.1.4.1499），看看是否会给出不同的结果。

编辑：没关系，我想我错过了您帖子的最后一句话:) 我假设您正在连接到 Windows Server 来运行这些 LDAP 查询？如果是这样，我的猜测是服务器没有安装瑞典语语言包，但我没有 LDAP 和外语的经验，因此不能保证能够修复它。