AD Performance Improvement

When searching very large Active Directories, prefix wildcards greatly
reduce performance. A configuration switch is implemented which results
in only suffix wildcards being used.
Gary Sharp
2016-05-02 18:54:27 +10:00
parent dee347128e
commit d955addc26
4 changed files with 19 additions and 2 deletions
@@ -29,5 +29,15 @@ namespace Disco.Data.Configuration.Modules
get { return Get<bool?>(null); }
set { Set(value); }
}
/// <summary>
/// If true LDAP filters contain wildcards only at the end of the search term.
/// This greatly improves performance in very large AD environments (ie: EDU001/EDU002)
/// </summary>
public bool SearchWildcardSuffixOnly
{
get { return Get(false); }
set { Set(value); }
}
}
}
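Review bot: The summary on `SearchWildcardSuffixOnly` describes the filter shape but not what administrators lose by enabling it. I would add a line such as `/// When true, searches match only values that start with the search term; matches in the middle or at the end of a value are no longer returned.` The setting appears to be read when the Active Directory context is initialised (see the last hunk), so it is also worth stating whether a change needs a restart to take effect.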
@@ -9,7 +9,7 @@ namespace Disco.Services.Interop.ActiveDirectory
public class ADGroup : IADObject
{
internal static readonly string[] LoadProperties = { "name", "distinguishedName", "sAMAccountName", "objectSid", "memberOf" };
internal const string LdapSearchFilterTemplate = "(&(objectCategory=Group)(|(sAMAccountName=*{0}*)(name=*{0}*)(cn=*{0}*)))";
internal static string LdapSearchFilterTemplate = "(&(objectCategory=Group)(|(sAMAccountName=*{0}*)(name=*{0}*)(cn=*{0}*)))";
internal const string LdapSamAccountNameFilterTemplate = "(&(objectCategory=Group)(sAMAccountName={0}))";
internal const string LdapSecurityIdentifierFilterTemplate = "(&(objectCategory=Group)(objectSid={0}))";
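Review bot: Changing `LdapSearchFilterTemplate` from `const` to a writable `internal static string` makes the group search filter process-wide mutable state that any code in the assembly can overwrite. Nothing visible here orders that write against searches already in flight. Keeping both filter forms as constants and selecting one where the filter is built would keep the templates immutable. If the field stays writable, mark it with a comment such as `// Replaced once during AD context initialisation when SearchWildcardSuffixOnly is set; do not assign elsewhere.` The same applies to the `ADUserAccount.LdapSearchFilterTemplate` change in the next hunk.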
@@ -9,7 +9,7 @@ namespace Disco.Services.Interop.ActiveDirectory
public class ADUserAccount : IADObject
{
internal const string LdapSamAccountNameFilterTemplate = "(&(objectCategory=Person)(sAMAccountName={0}))";
internal const string LdapSearchFilterTemplate = "(&(objectCategory=Person)(objectClass=user)(|(sAMAccountName=*{0}*)(displayName=*{0}*)))";
internal static string LdapSearchFilterTemplate = "(&(objectCategory=Person)(objectClass=user)(|(sAMAccountName=*{0}*)(displayName=*{0}*)(sn=*{0}*)(givenName=*{0}*)))";
internal static readonly string[] LoadProperties = { "name", "distinguishedName", "sAMAccountName", "objectSid", "displayName", "sn", "givenName", "memberOf", "primaryGroupID", "mail", "telephoneNumber" };
internal static readonly string[] QuickLoadProperties = { "name", "distinguishedName", "sAMAccountName", "objectSid", "displayName", "sn", "givenName", "mail", "telephoneNumber" };
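Review bot: The new user template also adds `(sn=*{0}*)` and `(givenName=*{0}*)`, which the commit description does not mention. With the switch off, every user search now carries two more leading-wildcard terms, which is the case the commit itself identifies as slow. If widening the match is intended, record it in the description and above the field, for example `// Also matches surname (sn) and given name (givenName).` Otherwise the extra clauses could be limited to the suffix-only template.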
@@ -55,6 +55,13 @@ namespace Disco.Services.Interop.ActiveDirectory
// Search Entire Forest (default: true)
this._SearchAllForestServers = Database.DiscoConfiguration.ActiveDirectory.SearchAllForestServers ?? true;
// Set Search LDAP Filters
if (Database.DiscoConfiguration.ActiveDirectory.SearchWildcardSuffixOnly)
{
ADGroup.LdapSearchFilterTemplate = "(&(objectCategory=Group)(|(sAMAccountName={0}*)(name={0}*)(cn={0}*)))";
ADUserAccount.LdapSearchFilterTemplate = "(&(objectCategory=Person)(objectClass=user)(|(sAMAccountName={0}*)(displayName={0}*)(sn={0}*)(givenName={0}*)))";
}
// Determine Site
var computerSite = ActiveDirectorySite.GetComputerSite();
this.Site = new ADSite(this, computerSite);
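Review bot: The templates are replaced only when `SearchWildcardSuffixOnly` is true and are never restored. If this initialisation runs again after the setting is switched off (not visible here), searches would stay suffix-only until the process restarts. Assigning the template in both branches would make the setting authoritative. The suffix-only guarantee also depends on the value formatted into `{0}` having `*`, `(`, `)` and `\` escaped as LDAP filter literals, because an unescaped leading `*` in a search term would bring the prefix wildcard back; the escaping site is outside this hunk and worth confirming. The enclosing method starts and ends outside the hunk.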