
Connecting to an LDAP server from .NET

Updated: 2022-06-19 22:35:55

I suspect the main problem might be: samAccountName is a strictly Windows-only attribute that other LDAP servers won't know about.

So if you're going against a non-Active Directory LDAP, you should use something else for searching - e.g. sn (for surname or last name), givenName (first name), possibly displayName.

Another interesting option might be to use ANR (ambiguous name resolution) searches - see this page on SelfADSI roughly in the middle, where ANR is explained.

With ANR, you would write your query like this:

string ldapSearchFilter = 
   string.Format("(&(ObjectCategory={0})(anr={1}))", "person", username);

I also changed ObjectClass to ObjectCategory for two reasons:

  • ObjectCategory is single-valued, e.g. only contains a single value (ObjectClass is multi-valued)
  • ObjectCategory is typically indexed, and thus searches are typically a lot faster using ObjectCategory

Does this return the results you're looking for?
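
The ANR filter in the answer is built with string.Format from a caller-supplied username, so characters such as `(`, `)`, `*` and `\` in that value change the structure of the filter. The following is an added example, not part of the original answer: it escapes the value per RFC 4515 before building the ANR filter, and also builds a filter over sn, givenName and displayName for non-Active Directory servers. The class and method names are hypothetical, and `objectClass=person` in the generic filter is an assumption about the target directory's schema.

```csharp
using System;
using System.Text;

static class LdapFilterDemo
{
    // Escape a value for use inside an LDAP search filter (RFC 4515, section 3).
    static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Active Directory: the ANR filter from the answer, with the value escaped.
    static string BuildAnrFilter(string username) =>
        string.Format("(&(objectCategory={0})(anr={1}))", "person", EscapeFilterValue(username));

    // Non-AD directories: search the generic attributes the answer names.
    // objectClass=person is an assumption about the directory's schema.
    static string BuildGenericFilter(string name)
    {
        string v = EscapeFilterValue(name);
        return $"(&(objectClass=person)(|(sn={v})(givenName={v})(displayName={v})))";
    }

    static void Main()
    {
        // Constructed sample inputs; the second contains filter metacharacters.
        foreach (string input in new[] { "jsmith", "smith)(objectClass=*" })
        {
            Console.WriteLine(BuildAnrFilter(input));
            Console.WriteLine(BuildGenericFilter(input));
        }
    }
}
```

With the second input, the parentheses and asterisk come out as `\28`, `\29` and `\2a`, so the server treats the whole string as one literal value to match instead of as additional filter terms.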