LDAP查询具体到组所有成员 [英] Ldap Query for all members specific to a Group
问题描述
我希望得到属于被传递到私有方法的特定组组名的用户列表。
I am looking to get a list of users that belong to a specific group 'groupName' is passed into the private method.
DirectoryEntry de = new DirectoryEntry("LDAP://DC=xxxx,DC=net"); // Root Directory //
var ds = new DirectorySearcher(de);
ds.PropertiesToLoad.Add("SAMAccountName");
ds.PropertiesToLoad.Add("member");
ds.Filter = "(&(objectClass=group)(SAMAccountName=" + groupName + "))";
SearchResultCollection AllGroupUsers;
AllGroupUsers = ds.FindAll();
查询返回3个属性: - Active Directory路径,帐户名和成员。
会员是我真的很after.I访问的成员属性和它的下面一段code的值表明: -
The query returns 3 properties :- adspath, accountName and member. Member is what I am really after.I access the member property and its values as the following piece of code demonstrates:-
if (AllGroupUsers.Count > 0)
{
ResultPropertyValueCollection values = AllGroupUsers[0].Properties["member"];
但奇怪的事情发生在这里。等号的右边,AllGroupUsers具有特定成员为CN =迈克Schoomaker R,........
but something strange happens here. On the RHS of the equal sign, AllGroupUsers has a value for a specific member as "CN=Mike Schoomaker R,........"
虽然等号的LHS,价值观有CN =迈克Schoomaker(OR),......
While on the LHS of the equal sign, values has "CN=Mike Schoomaker (OR),....."
我不太清楚这怎么可能......这不会发生的每下AllGroupUsers每个值...只有我知道的就是它发生的外部用户在Active Directory ...谁能秀我怎样才能解决这个问题,并得到实际的名字,姓氏和MiddleInitial?
I am not quite sure how this is possible... It doesn't happen for each and every value under AllGroupUsers... only thing I know is it happens for external users on the active directory... Can anyone show me how I can fix this and get the actual firstName, LastName and MiddleInitial ?
推荐答案
要获取用户,而不是一组您应该设置DirectoryEntry对象,并使用相应的属性(如显示名
, SN
,给定名称
,缩写
)
To get a user, not a group you should set DirectoryEntry object and use corresponding properties (e.g. displayName
, sn
, givenName
, initials
)
例如:
...
AllGroupUsers = ds.FindAll();
if (AllGroupUsers.Count > 0) {
ResultPropertyValueCollection values = AllGroupUsers[0].Properties["member"];
foreach (string s in values)
{
DirectoryEntry u = new DirectoryEntry("LDAP://" + s);
Console.WriteLine(u.Properties["displayName"].Value);
}
}
这篇关于LDAP查询具体到组所有成员的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!