Active directory: get groups where a user is a member
Problem description
I'd like to find the list of groups where a user is a member. I tried several solutions from http://www.codeproject.com/KB/system/everythingInAD.aspx but got no result.
This code gives me "true", which means LDAP is running:
    public static bool Exists(string objectPath)
    {
        bool found = false;
        if (DirectoryEntry.Exists("LDAP://" + objectPath))
            found = true;
        return found;
    }
Thanks
Update 1:
    public ArrayList Groups(string userDn, bool recursive)
    {
        ArrayList groupMemberships = new ArrayList();
        return AttributeValuesMultiString("memberOf", "LDAP-Server",
            groupMemberships, recursive);
    }

    public ArrayList AttributeValuesMultiString(string attributeName,
        string objectDn, ArrayList valuesCollection, bool recursive)
    {
        DirectoryEntry ent = new DirectoryEntry(objectDn);
        PropertyValueCollection ValueCollection = ent.Properties[attributeName];
        IEnumerator en = ValueCollection.GetEnumerator();
        while (en.MoveNext())
        {
            if (en.Current != null)
            {
                if (!valuesCollection.Contains(en.Current.ToString()))
                {
                    valuesCollection.Add(en.Current.ToString());
                    if (recursive)
                    {
                        AttributeValuesMultiString(attributeName, "LDAP://" +
                            en.Current.ToString(), valuesCollection, true);
                    }
                }
            }
        }
        ent.Close();
        ent.Dispose();
        return valuesCollection;
    }
I get an exception on:
    PropertyValueCollection ValueCollection = ent.Properties[attributeName];
"COMException was unhandled"
Recommended answer
I found the solution on Stack Overflow. The connectionString format is like this:
LDAP://domain.subdomain.com:389/DC=domain,DC=subdomain,DC=com
The code:
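    using System;
    using System.Collections.Generic;
    using System.DirectoryServices;
    using System.DirectoryServices.ActiveDirectory;
    using System.Linq;

    public IList<string> GetGroupsByUser(string ldapConnectionString, string username)
    {
        IList<string> groupList = new List<string>();
        var allDomains = Forest.GetCurrentForest().Domains.Cast<Domain>();
        // One searcher per domain in the forest; each one is bound to ldapConnectionString
        var allSearcher = allDomains.Select(domain =>
        {
            var searcher = new DirectorySearcher(new DirectoryEntry(ldapConnectionString));
            // Apply some filter to focus on only some specific objects.
            // username goes into the filter unescaped; escape it (RFC 4515) if it is untrusted input
            searcher.Filter = String.Format("(&(&(objectCategory=person)(objectClass=user)(name=*{0}*)))", username);
            return searcher;
        });
        var directoryEntriesFound = allSearcher
            .SelectMany(searcher => searcher.FindAll()
                .Cast<SearchResult>()
                .Select(result => result.GetDirectoryEntry()));
        var memberOf = directoryEntriesFound.Select(entry =>
        {
            using (entry)
            {
                return new
                {
                    Name = entry.Name,
                    // MemberOf can hold zero, one or many values, so enumerate the collection
                    // instead of casting Value to object[]; ToList() reads it before entry is disposed
                    GroupName = entry.Properties["MemberOf"].Cast<object>().Select(obj => obj.ToString()).ToList()
                };
            }
        });
        foreach (var item in memberOf)
            foreach (var groupName in item.GroupName)
                if (!groupList.Contains(groupName)) // the same entry can come back from several searchers
                    groupList.Add(groupName);
        return groupList;
    }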
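Added example, not code from the original answer: the answer formats username straight into the search filter, and the question's recursive flag asked for nested groups as well. The sketch below escapes filter values per RFC 4515 and lets Active Directory resolve nested membership with the LDAP_MATCHING_RULE_IN_CHAIN matching rule (OID 1.2.840.113556.1.4.1941). The class and method names are hypothetical, and the exact match on sAMAccountName is an assumption.

```csharp
using System.Collections.Generic;
using System.DirectoryServices;
using System.Text;

public static class AdGroupLookup // hypothetical name, not from the original answer
{
    // Escape a value for use inside an LDAP search filter (RFC 4515).
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        return sb.ToString();
    }

    // DNs of every group the account is in, directly or through nested groups.
    public static IList<string> GetGroupsRecursive(string ldapConnectionString, string samAccountName)
    {
        var groups = new List<string>();
        using (var root = new DirectoryEntry(ldapConnectionString))
        using (var userSearch = new DirectorySearcher(root))
        using (var groupSearch = new DirectorySearcher(root))
        {
            // Exact match on the logon name (assumption), with the input escaped.
            userSearch.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                + EscapeFilterValue(samAccountName) + "))";
            userSearch.PropertiesToLoad.Add("distinguishedName");
            SearchResult user = userSearch.FindOne();
            if (user == null) return groups;
            string userDn = (string)user.Properties["distinguishedName"][0];
            // LDAP_MATCHING_RULE_IN_CHAIN: the domain controller walks the nesting itself.
            // The DN is escaped too, since it may contain backslashes or parentheses.
            groupSearch.Filter = "(&(objectCategory=group)(member:1.2.840.113556.1.4.1941:="
                + EscapeFilterValue(userDn) + "))";
            groupSearch.PropertiesToLoad.Add("distinguishedName");
            groupSearch.PageSize = 500; // page results instead of stopping at the size limit
            using (SearchResultCollection results = groupSearch.FindAll())
                foreach (SearchResult r in results)
                    groups.Add((string)r.Properties["distinguishedName"][0]);
        }
        return groups;
    }
}
```

The chain rule follows the member attribute, so the user's primary group, which is recorded in primaryGroupID rather than in member, is not part of the result. The matching rule is specific to Active Directory.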