Solved

Active Directory - Search filter optimization

Posted on 2010-08-17
4
838 Views
Last Modified: 2012-08-14
Hello Experts,

I'm building an ASP.NET webpage that pulls the users info via Active Directory.  Right now it's working, but slower than I'd like.  So I'm trying to optimize my search filter in hopes of speeding up the search.  Right now my search filters is setup like so:

Mysearcher.Filter = "(&(objectCategory=person)(objectClass=user)(samAccountName=" & strNetworkID & "))"

Can anyone help me to tweak this for faster performance?

Thanks,
Moe
0
Comment
Question by:mauricerichard
  • 2
  • 2
4 Comments
 
LVL 2

Expert Comment

by:mrfixit584
ID: 33454818
The filter is pretty much as lean as it can be. The question is, how much of the tree are you searching, and do you need to search the entire tree? If all of your users are in a sub-OU, you could restrict your search to that OU instead of searching the entire structure.
0
 
LVL 1

Author Comment

by:mauricerichard
ID: 33464251
Hi Mrfixit584,

I'm struggling with Active Directory, so pardon any silly questions.  
Where would I indicate this, in the search filter or DirectoryEntry?

See code sample for examples

Thanks,
Moe
Mysearcher.Filter = "(&(objectCategory=person)(objectClass=user)(samAccountName=" & strNetworkID & "))"

'OR

Dim rootEntry As New DirectoryEntry("LDAP://domain/DC=domainDN,DC=com", "username", "password")

Open in new window

0
 
LVL 2

Accepted Solution

by:
mrfixit584 earned 500 total points
ID: 33562073
It would be part of the LDAP call. instead of LDAP://dc=domain,dc=com, make it more specific. LDAP://ou=myOU,dc=domain,dc=com. For some of my searches, this isn't possible, but if the objects you are searching are in a certain location, you can specify the location so the search doesn't include the entire domain.
0
 
LVL 1

Author Comment

by:mauricerichard
ID: 33599040
Sorry been away from the office.  Great info, thanks very much!
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question