I have the following C# code in a project:
DirectoryEntry root = new DirectoryEntry(@"LDAP://ad.mydomain.com");
DirectorySearcher ds = new DirectorySearcher(root);
ds.DerefAlias = DereferenceAlias.Always;
ds.SearchScope = SearchScope.Subtree;
ds.Filter = "(|(name=John_Smith)(cn=John_Smith))";
SearchResultCollection src = ds.FindAll();
I'm monitoring LDAP traffic to the AD server with MS Network Monitor and I see this when the search takes place:
Frame: Number = 1417, Captured Frame Length = 404, MediaType = ETHERNET
+ Ethernet: Etype = Internet IP (IPv4),DestinationAddress:[XXX],SourceAddress:[XXX]
+ Ipv4: Src = XXX, Dest = XXX, Next Protocol = TCP, Packet ID = 9696, Total IP Length = 390
+ Tcp: Flags=...AP..., SrcPort=1521, DstPort=LDAP(389), PayloadLen=350, Seq=3825204841 - 3825205191, Ack=1241404727, Win=16425 (scale factor 0x2) = 65700
- Ldap: Search Request, MessageID: 1, BaseObject: NULL, SearchScope: base Object, SearchAlias: neverDerefAliases
- Parser: Search Request, MessageID: 1
+ ParserHeader:
+ MessageID: 1
+ OperationHeader: Search Request, 3(0x3)
- SearchRequest: BaseDN: NULL, SearchScope: base Object, SearchAlias: neverDerefAliases
+ BaseObject: NULL
+ Scope: base Object
+ Alias: neverDerefAliases
+ SizeLimit: No Limit
+ TimeLimit: 120 seconds
+ TypesOnly: False
- Filter: (objectclass Present)
+ Operator: Present, 7(0x07)
- Length: 11
Length: 11 bytes, LengthOfLength = 0
+ PresentFilter: objectclass Present
- Attributes: ( subschemaSubentry )( dsServiceName )( namingContexts )( defaultNamingContext )( schemaNamingContext )( configurationNamingContext )( rootDomainNamingContext )( supportedControl )( supportedLDAPVersion )( supportedLDAPPolicies )( supportedSASLMec
+ AttributeSelectionHeader:
+ Attribute: subschemaSubentry
+ Attribute: dsServiceName
+ Attribute: namingContexts
+ Attribute: defaultNamingContext
+ Attribute: schemaNamingContext
+ Attribute: configurationNamingContext
+ Attribute: rootDomainNamingContext
+ Attribute: supportedControl
+ Attribute: supportedLDAPVersion
+ Attribute: supportedLDAPPolicies
+ Attribute: supportedSASLMechanisms
+ Attribute: dnsHostName
+ Attribute: ldapServiceName
+ Attribute: serverName
+ Attribute: supportedCapabilities
Neither the search scope or filter I requested appear to be being used in the query. I tried using Softerra LDAP Administrator to perform a root search on "John_Smith" and network monitor shows what appears to be a perfectly good LDAP query, with filter and search scope intact.
What am I missing?