K2 blackpearl
Projects related to K2 blackpearl, K2 smartforms and K2 connect.
cancel
Showing results for 
Search instead for 
Did you mean: 

Not applicable

Dynamic Active Directory Service

An AD Service the offers the following features: • CreateUser • UpdateUser • ReadUser • GetUsers • Move User OU • Add User To Groups • Remove User from Groups • Search User by SubString • Search Groups By SubString This is release one of the service which as per the ‘Project Overview’ provides the ability to have more advanced Active Directory integration focused around Active Directory Users. In the Zip file for the project is the documen
15 Comments
Forum Technician
AD search 1000 record limit

We have added a couple of our custom  AD fields to this SmartObject and am returning a list of all employees. The query is returning exactly 1000 records and we are expecting around 1300 back. I know there is a paging parameter when querying from AD that defaults to 1000 records. Is there an easy workaround in order to return all records?

Forum Technician
Re: AD search 1000 record limit

After digging into the code a little bit. Active Directory will put a limit of 1000 records on a search that does not have the PageSize declared. I added this line of code to: ADHelper.cs in the ActiveDirectoryDynamicSO project The Code I added:

public Exception getUsers(ref ServiceObject so)
        {
            Exception exc = null;
            try
            {
                //Need to decide if will allow user to pass domain in as a parameter?
                string conString = getLDAPPath("");
                //DirectoryEntry dirEntry = new DirectoryEntry(conString);
                DirectoryEntry dirEntry = getDirectoryEntry(conString);
                DirectorySearcher dSearcher = new DirectorySearcher(dirEntry);
                //Set the filter for the search
                dSearcher.Filter = getADUserLookUpString(ref so);
                int limit = 2000;
                if (so.Properties["MaxSearchResultSize"].Value != null)
                {
                    if (so.Properties["MaxSearchResultSize"].Value.ToString() != "*")
                    {
                        int.TryParse(so.Properties["MaxSearchResultSize"].Value.ToString(), out limit);
                    }
                }

                Method meth = so.Methods[0];
                dSearcher.PageSize = 1200;
                dSearcher.SizeLimit = limit;
                System.DirectoryServices.SearchResultCollection sResults = dSearcher.FindAll();
                so.Properties.InitResultTable();
                foreach (SearchResult sResult in sResults)
                {
                    addReturnPropFromDirObject(ref dirEntry, ref so,sResult);
                    SetTransactionSuccessful(ref so);
                    so.Properties.BindPropertiesToResultTable();
                }
                dirEntry.Close();
            }
            catch (Exception ex)
            {
                exc = ex;
            }
            return exc;
        }

 

Recompile, move K2.PSUK.ActiveDirectoryDynamicSO.dll to the ServiceBroker directory on the K2 server, refresh Service Object, Refresh Service Instance, and rerun the SmartObject.  This did the trick!

First Flight

Is it possible to configure multiple domains, as in the Active Directory service instance?

 

We're trying to do this, but it's not working, it gives an error:

"The format of the specified domain name is invalid"

 

We tried to configure the domains delimited with commas, and with semi-collon.

First Flight
Is it possible (or even advisable) to consider using Global Catalog type connections for access to AD records? I am sure there are some pro's and cons.
Kudos Specialist

In the documentation under the section "Modifying the Service Schema" it says to "Load the Schema from your K2 Server (C:\Program Files\K2 blackpearl\ServiceBroker\SchemaObject.xml)"

 

It appears in fact that the service instance looks for this file under C:\Program Files\K2 blackpearl\Host Server\Bin

 

When I went to create the service instance I got an error message saying it could not locate the SchemaObject.xml file in this directory

First Flight

After carefully followed the instructions from the document provided as part of the downloaded zipped.

From SmartObjects - Services - Test tool, as a test I tried to execute "GetUsers" and "ReadUser" but received an error message as:

"Index was out of rang. Must be non-negative and less than the size of the collection.

Parameter name: index

Service: DynamicADSO

Service Guid: [guid info]

Serverity: Error

 

has anyone experienced this error or could you please kindly provide some advices how I can resolve this error.

 

thanks

JTH
First Flight

We are experiencing an issue where a people picker control using the GetUser method isn't resolving a user when their account name is entered.  The same user will be sucessfully returned if using the smartobject tester or a smartform where a button click calls the smartobject method using an input control as the account name input.

 

I reviewed the smartobject logging output of the call being made by the people picker vs the smartform example above and noticed that the former uses a contains operator while the latter uses direct equality.

 

I tried to mimic this in the tester using filters on AD properties which I know would include my example user account in the results, but it again wasn't returmed.

 

Some research showed that it wasn't returning users added to AD after a certain time.

 

The built-in AD User 2 object does return this user.

 

Is this associated with the limit mentioned in an earlier post?

 

BTW - I tried to open the solution file to have a poke around and it complained about not being able to check out a file from source control; not sure what thast is about.

 

Any help would be appreciated.

 

Regards Justin 

First Flight

Hello everyone,

Share your ideas and thoughts to me please, I have following condition:

 

Source code changes:

1. GetUsers method - increased size limit

2. Modified SchemaObject.xml - Added input and output attributes (including standard, custom)

 

Steps:

1. ServiceType registered 

2. ServiceInstance created

3. SmartObjects generated

4. When execute SmartObject method from SmartObjects - Services - Tester.exe

Error thrown with: The user name or password is incorrect.

 

We have normally running K2 environment, standard AD Service2 is working fine.

Methods from 1-4 all executed through the main service account configured for K2 environment.

Main service account can query normally from the ActiveDirectory using Powershell script.

Thanks in advance.

 

ERROR.jpg

 

First Flight

ADSO uses LDAP call to retrieve data from AD or does it use a database that has the information synced with AD.

Any answers?

 

Thanks

Anil Bingu

First Flight

Was there ever a resolution to the port from Andrew Blinco above?

 

We are encountering a similar issue with the installation on our validation/test environment.  We have installed the Dynamic ADSO the same way on our development environment with out any issues and files are installed in the smae locations/directory paths on both environments.

 

Thank you

 

Jason Milks

First Flight

I try using the Create User function and added the Common Name field to the schema.

It throws the invalid dn error and does not let me to specify the Common Name cn field so record will appear with its sAMAccountName in AD.

Is it possible to set the cn to FirstName_Surname eg John Smith rather than default it to sAMAccountName (john.smith) please?

 

Thank you

Sandor Mari

First Flight

this is a really useful service.  I did however encounter performance issues when running the GetUsers method when returning 600+ users.  It was taking over 60 seconds whereas the ADUser2 service was taking under 1 second to return the same number of users.

 

to resolve this problem i added a new function to the code to set the Searcher.PropertiesToLoad property to only the items being returned.  this reduced the time from over 60 seconds to sub 1 second.

 

dSearcher.Filter = getADUserLookUpString(ref so);

dSearcher.PropertiesToLoad.AddRange(getReturnPropsFromServiceObject(ref so));

 

where getReturnPropsFromServiceObject is:

 

private string[] getReturnPropsFromServiceObject(ref ServiceObject so)

{

List<string> returnProps = new List<string>();

Method meth = so.Methods[0];

for (int c = 0; c < meth.ReturnProperties.Count; c += 1)

{

Property prop = so.Properties[meth.ReturnProperties[c]];

if (prop.Name.IndexOf("UAC_") != -1)

{

if (returnProps.IndexOf("userAccountControl") == -1)

{

returnProps.Add("userAccountControl");

}

}

if (prop.Name.IndexOf("OrganisationalUnit") != -1)

{

returnProps.Add("DistinguishedName");

}

else

{

returnProps.Add(prop.Name);

}

}

return returnProps.ToArray();

}

 

First Flight

We are experiencing an issue where a people picker control using the GetUser method isn't resolving a user when their account name is entered.  The same user will be sucessfully returned if using the smartobject tester or a smartform where a button click calls the smartobject method using an input control as the account name input.

 

I reviewed the smartobject logging output of the call being made by the people picker vs the smartform example above and noticed that the former uses a contains operator while the latter uses direct equality.

 

I tried to mimic this in the tester using filters on AD properties which I know would include my example user account in the results, but it again wasn't returmed.

 

Some research showed that it wasn't returning users added to AD after a certain time.

 

The built-in AD User 2 object does return this user.

 

Is this associated with the limit mentioned in an earlier post?

 

BTW - I tried to open the solution file to have a poke around and it complained about not being able to check out a file from source control; not sure what thast is about.

 

Any help would be appreciated.

 

 

 

I am facing the same issue. Please if any one could help? 

 

Forum Technician

we have a problem where if we look for multiple people via a property

for people that have blank properties, they are getting populated from the person above them

for example - the property securityLicence is used by 3 people, yet when searching for users with the result we are getting others populated

 

sAMAccountName

Display Name

securityLicence

T1250

Tony Lewis

407216452

T3034

Paul James

407216452

T1498

Greg Wall

407216452

T2325

Garry Hug

407216452

 

 

 

T2352

Brad Burgess

2352

T2918

Norman Whalley

2352

T2514

Peter Tom

2352

T2208

Jeff Evans

2352

 

T00605

B Johnson

123465

T62320

Milne Aaron

123465

T62321

Milne Ian

123465

T62322

Bradley Reynolds

123465

T58598

Scott Garven

123465

First Flight

It seems that the download link has been eaten by the community relaunch. Could you please check it?