通过GroupPrincipal查找用户 [英] Finding a user through the GroupPrincipal

问题描述

在我的Active Directory（my.domain），我有许多团体（UserGrp1，UserGrp2等），其中有很多用户。用户可以在一个以上的基团存在。我现在有code，让我用GroupPrincipal类找到一个组，然后从那里获得该组的所有成员（见下文code）。 但是，我真正需要的是找到用户所属的所有组。比如说，我有一个名为乔测试的域用户（sAMAccountName赋= JOETEST），我需要找到所有组他所属。什么是做到这一点的最好方法是什么？

In my Active Directory (my.domain), I have many groups (UserGrp1, UserGrp2, etc.) which have many users. A user can exist in more than one group. I currently have code that allows me to use the GroupPrincipal class to find a group, and then from there to get all members of that group (see code below). However, what I really need is to find all groups to which a user belongs. For instance, I have a domain user named Joe Test (sAMAccountName=JOETEST) and I need to find all groups to which he belongs. What is the best way to do this?

我能确定用户所属的组（如下图），如果我遍历由GetMembers（）方法返回的所有成员，但这似乎效率不高，我和我会感到惊讶是不是有一个更有效的方法

I can determine if a user belongs to a group (as below) if I loop through all members returned by the GetMembers() method, but this seems inefficient to me and I'd be surprised were there not a more efficient way.

using (PrincipalContext ctx = new PrincipalContext(
  ContextType.Domain, "my.domain", "DC=my,DC=domain")) {

  if (ctx != null) {
    using (GroupPrincipal gp = GroupPrincipal.FindByIdentity(ctx, "UserGrp1")) {
      // Get all group members
      PrincipalSearchResult<Principal> psr = gp.GetMembers();
      foreach (Principal p in psr) {
         // other logic 
      }
    }
  }
}

在此先感谢您的帮助，我接受这一点。

Thanks in advance for any help that I receive on this.

推荐答案

用做它 UserPrincipal.GetGroups（）;

有关完整的code这是

For a complete code here it is

/// <summary>
/// Gets a list of the users group memberships
/// </summary>
/// <param name="sUserName">The user you want to get the group memberships</param>
/// <returns>Returns an arraylist of group memberships</returns>
public ArrayList GetUserGroups(string sUserName)
{
    ArrayList myItems = new ArrayList();
    UserPrincipal oUserPrincipal = GetUser(sUserName);

    PrincipalSearchResult<Principal> oPrincipalSearchResult = oUserPrincipal.GetGroups();

    foreach (Principal oResult in oPrincipalSearchResult)
    {
        myItems.Add(oResult.Name);
    }
    return myItems;
}



/// <summary>
/// Gets a certain user on Active Directory
/// </summary>
/// <param name="sUserName">The username to get</param>
/// <returns>Returns the UserPrincipal Object</returns>
public UserPrincipal GetUser(string sUserName)
{
    PrincipalContext oPrincipalContext = GetPrincipalContext();

    UserPrincipal oUserPrincipal = UserPrincipal.FindByIdentity(oPrincipalContext, sUserName);
    return oUserPrincipal;
}


/// <summary>
/// Gets the base principal context
/// </summary>
/// <returns>Retruns the PrincipalContext object</returns>
public PrincipalContext GetPrincipalContext()
{
    PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Domain, sDomain, sDefaultOU, ContextOptions.SimpleBind, sServiceUser, sServicePassword);
    return oPrincipalContext;
}

或一个完整的AD参考去这里。

这篇关于通过GroupPrincipal查找用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！