Menu
I see Active Directory examples that use PrincipalSearcher and other examples that do the same thing but use DirectorySearcher. What is the difference between these two examples?
Example using PrincipalSearcher
PrincipalContext context = new PrincipalContext(ContextType.Domain); PrincipalSearcher search = new PrincipalSearcher(new UserPrincipal(context)); foreach( UserPrincipal user in search.FindAll() ) { if( null != user ) Console.WriteLine(user.DistinguishedName); } Example using DirectorySearcher
DirectorySearcher search = new DirectorySearcher("(&(objectClass=user)(objectCategory=person))"); search.PageSize = 1000; foreach( SearchResult result in search.FindAll() ) { DirectoryEntry user = result.GetDirectoryEntry(); if( null != user ) Console.WriteLine(user.Properties["distinguishedName"].Value.ToString()); } 
507
This principle states that every group so formed and every member who is a part of such a group is responsible for the continuous functioning of the same group. Groups adjourn only upon the completion of the task or the achievement of the goal.
PrincipalContext(ContextType) Initializes a new instance of the PrincipalContext class with the specified context type. PrincipalContext(ContextType, String) Initializes a new instance of the PrincipalContext class with the specified context type and name.
I've spent a lot of time analyzing the differences between these two. Here's what I've learned.
DirectorySearcher comes from the System.DirectoryServices namespace.
PrincipalSearcher comes from the System.DirectoryServices.AccountManagement namespace, which is built on top of System.DirectoryServices. PrincipalSearcher internally uses DirectorySearcher.
The AccountManagement namespace (i.e. PrincipalSearcher) was designed to simplify management of User, Group, and Computer objects (i.e. Principals). In theory, it's usage should be easier to understand, and produce fewer lines of code. Though in my practice so far, it seems to heavily depend on what you're doing.
DirectorySearcher is more low-level and can deal with more than just User, Group and Computer objects.
For general usage, when you're working with basic attributes and only a few objects, PrincipalSearcher will result in fewer lines of code and faster run time.
The advantage seems to disappear the more advanced the tasks you're doing become. For instance if you're expecting more than few hundred results, you'll have to get the underlying DirectorySearcher and set the PageSize
DirectorySearcher ds = search.GetUnderlyingSearcher() as DirectorySearcher; if( ds != null ) ds.PageSize = 1000; DirectorySearcher can be significantly faster than PrincipalSearcher if you make use of PropertiesToLoad.
DirectorySearcher and like classes can work with all objects in AD, whereas PrincipalSearcher is much more limited. For example, you can not modify an Organizational Unit using PrincipalSearcher and like classes.
Here is a chart I made to analyze using PrincipalSearcher, DirectorySearcher without using PropertiesToLoad, and DirectorySearcher with using PropertiesToLoad. All tests...
PageSize of 1000 objectClass=userobjectCategory=person!msExchResourceMetaData=ResourceType:Room)!userAccountControl:1.2.840.113556.1.4.803:=2) 
Using PrincipalSearcher
[DirectoryRdnPrefix("CN")] [DirectoryObjectClass("Person")] public class UserPrincipalEx: UserPrincipal { private AdvancedFiltersEx _advancedFilters; public UserPrincipalEx( PrincipalContext context ): base(context) { this.ExtensionSet("objectCategory","User"); } public new AdvancedFiltersEx AdvancedSearchFilter { get { if( null == _advancedFilters ) _advancedFilters = new AdvancedFiltersEx(this); return _advancedFilters; } } } public class AdvancedFiltersEx: AdvancedFilters { public AdvancedFiltersEx( Principal principal ): base(principal) { } public void Person() { this.AdvancedFilterSet("objectCategory", "person", typeof(string), MatchType.Equals); this.AdvancedFilterSet("msExchResourceMetaData", "ResourceType:Room", typeof(string), MatchType.NotEquals); } } //... for( int i = 0; i < 10; i++ ) { uint count = 0; Stopwatch timer = Stopwatch.StartNew(); PrincipalContext context = new PrincipalContext(ContextType.Domain); UserPrincipalEx filter = new UserPrincipalEx(context); filter.Enabled = true; filter.AdvancedSearchFilter.Person(); PrincipalSearcher search = new PrincipalSearcher(filter); DirectorySearcher ds = search.GetUnderlyingSearcher() as DirectorySearcher; if( ds != null ) ds.PageSize = 1000; foreach( UserPrincipalEx result in search.FindAll() ) { string canonicalName = result.CanonicalName; count++; } timer.Stop(); Console.WriteLine("{0}, {1} ms", count, timer.ElapsedMilliseconds); } Using DirectorySearcher
for( int i = 0; i < 10; i++ ) { uint count = 0; string queryString = "(&(objectClass=user)(objectCategory=person)(!msExchResourceMetaData=ResourceType:Room)(!userAccountControl:1.2.840.113556.1.4.803:=2))"; Stopwatch timer = Stopwatch.StartNew(); DirectoryEntry entry = new DirectoryEntry(); DirectorySearcher search = new DirectorySearcher(entry,queryString); search.PageSize = 1000; foreach( SearchResult result in search.FindAll() ) { DirectoryEntry user = result.GetDirectoryEntry(); if( user != null ) { user.RefreshCache(new string[]{"canonicalName"}); string canonicalName = user.Properties["canonicalName"].Value.ToString(); count++; } } timer.Stop(); Console.WriteLine("{0}, {1} ms", count, timer.ElapsedMilliseconds); } Using DirectorySearcher with PropertiesToLoad
Same as "Using DirectorySearcher but add this line
search.PropertiesToLoad.AddRange(new string[] { "canonicalName" }); After
search.PageSize = 1000; If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With