How to check OU accessability in C # , DirectoryEntry?

Question

I'm using DirectoryEntry class

Trying to read all users from specific OU and sub OU's.

Following code is part of task

using(DirectoryEntry dEntry = new DirectoryEntry(dn))
using(DirectorySearcher dSearcher = new  DirectorySearcher(dEntry))
{
     dSearcher.SearchScope = SearchScope.Subtree;
     dSearcher.Filter = "(&(objectClass=user) (objectCategory=person))";
     foreach(SearchResult in dSearcher.FindAll())
     {
        //Do something...
     }
}

some of sub OU's are protected from reading for current user. And i got task exception "one or more error accured" I'm looking for way to check if OU is not accessible and skip it. And to write that OU to log. I tried following :

 public void GetOu(List<MyUser> list, string path)
 {
     using (DirectoryEntry dEntry = new     DirectoryEntry(path))
     using(DirectorySearcher dSearcher = new DirectorySearcher(dEntry))
     {
           dSearcher.SearcherScope = SearchScope.Subtree;
           dSearcher.Filter = "(objectClass=organizationalUnit)";
           foreach(SearchResult result in dSearcher.FindAll())
           {
               GetUsersFromOU(list,result.GetDirectoryEntry());
            }
       }
 }
public void GetUsersFromOU(List<MyUser> list,DirectoryEntry ou)
{
     using (DirectorySearcher dSearcher = new DirectorySearcher(ou);
     dSearcher.SearchScope = SearchScope.OneLevel;
     dSearcher.Filter = "(&(objectClass=user)(objectCategory=person))";
     foreach (Search result in dSearcher.FindAll())
      {
          //Do something.... update list...
      }
 }

Now get no exceptions and skips not accessible OUs. 1.But still can't find what are the "bad ou"s 2.run time is catastrophic...

Answer 1

You will have to make sure that the user running the process has the appropriate permissions to perform the lookup. This will be your Windows account in a desktop application and the account running the application pool in an ASP.NET application.