用户认证表格AD [英] user authentication form AD

问题描述

我有一个可以在其中创建安全模块的应用程序

这将检查当前登录用户在活动目录中是否有效

但是我没有得到如何从活动目录中验证用户身份的方法

i have an application in which i create security module

which will check that current login user is valid in active diractory or not

but i didnt get how to authenticate the user from active diractory

推荐答案

如果用户在运行应用程序时登录到域中，则可以这样访问其凭据:

If the user is logged into the domain when they run the app then you can access their credentials as such:

System.Environment.UserName

如果他们没有登录到域，即如果您没有在从上述属性返回的字符串中检测到域用户，则不要让他们使用该应用程序.

用户始终可以右键单击->运行方式".我认为我不能为我的经理提供一个很好的理由来重写Windows免费提供的此功能.

欢呼.

If they are not logged into the domain, i.e. if you do not detect a domain user in the string that returns from the above property, then don''t let them use the application.

Users can always "right-click -> run as". I don''t think I could make a good case to my manager to rewrite this functionality that is provided free from Windows.

Cheers.

如果只希望安装者使用它，只需使设置项目强制该设置，而不用询问允许所有用户".

届时，只有安装它的人才能在其桌面，开始菜单以及程序和功能(添加/删除程序)"中看到它.

If you want it to be used only by the person that installed it, just make the setup project force that setting instead of asking "Allow all users".

At that point, only the person that installed it will even see it on their desktop, in their start menu, and in Programs & Features (Add/Remove Programs).

您需要参考System.DirectoryServices
您还需要知道ActiveDirectory路径(ADPath)

我们使用此代码对用户进行身份验证

You need to reference System.DirectoryServices
You also need to know the ActiveDirectory path (ADPath)

We use this code to authenticate a user

public static bool IsADSUser(string userAlias, string pwd)
{
    #region Source
    bool isADSUser = false;
    if (userAlias.Trim().Length == 0 || pwd.Length == 0)
    {
        isADSUser = false;
    }
    else
    {
        //call ADQuery to get UserInformation
        string filter = String.Format("(&(objectCategory=organizationalPerson)(samaccountname={0}))", userAlias);
        DirectoryEntry de = new DirectoryEntry(ADPath, userAlias, pwd, AuthenticationTypes.Secure);
        DirectorySearcher ds = new DirectorySearcher(de);
        ds.ReferralChasing = ReferralChasingOption.All;
        ds.Filter = filter;
        SearchResult result = null;
        using (de)
        {
            using (ds)
            {
                try
                {
                    result = ds.FindOne();
                }
                catch (Exception ex)
                {
                    if (ex.Message.Contains("Logon failure:"))
                    {
                        result = null;
                    }
                    else
                    {
                        throw ex;
                    }
                }
            }
        }
        if (result != null)
        {
            isADSUser = true;
        }
        else
        {
            isADSUser = false;
        }
    }
    return isADSUser;
    #endregion
}

这篇关于用户认证表格AD的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！