c# 通过 LDAP 针对 Active Directory [英] c# against Active Directory over LDAP

问题描述

我正在针对 Active Directory 编写一些 c# 代码，并且无休止地尝试使其无法正常工作.以下代码有效，后面的代码无效:

I'm coding some c# against Active Directory and have tried endlessly to get this to work to no avail. The following code works and the code that follows it does not:

下面的代码使用 "WinNT://" + Environment.MachineName + ",Computer" 进行连接并且工作正常.

The code below is using "WinNT://" + Environment.MachineName + ",Computer" to make the connection and works fine.

   DirectoryEntry localMachine = new DirectoryEntry
        ("WinNT://" + Environment.MachineName + ",Computer");

    DirectoryEntry admGroup = localMachine.Children.Find
        ("Administrators", "group");

    object members = admGroup.Invoke("members", null);

    foreach (object groupMember in (IEnumerable)members)
    {
        DirectoryEntry member = new DirectoryEntry(groupMember);
        output.RenderBeginTag("p");
        output.Write(member.Name.ToString());
        output.RenderBeginTag("p");
    }



    base.Render(output);

我现在正在尝试换行:

"WinNT://" + Environment.MachineName + ",Computer"

到

"LDAP://MyDomainControllerName"

但似乎无论我尝试使用什么值来代替值MyDomainControllerName"，它都不起作用.

but it seems no matter what value I try in place of the value 'MyDomainControllerName' it wont work.

要获得MyDomainControllerName"值，我右键单击 MyComputer 并按照其他地方的建议复制计算机名称值，但这不起作用.

To get the 'MyDomainControllerName' value I right clicked on MyComputer and copied the computer name value as suggested elsewhere but this didn't work.

当我尝试使用上面的 LDAP://RootDSE 选项时，会导致以下错误:

When I try using the LDAP://RootDSE option above it results in the following error:

位于路径 LDAP://RootDSE 的 Active Directory 对象不是容器

The Active Directory object located at the path LDAP://RootDSE is not a container

你提到的成员方法有问题吗?

Is this a problem with the member methods as you mention?

推荐答案

使用 .NET Framework 连接 AD 时，可以使用无服务器"绑定，也可以指定每次使用的服务器(服务器绑定).

When connecting to AD using the .NET Framework, you can use "serverless" binding or you can specify a server to use everytime (server bound).

以下是同时使用两者的示例:

Here's an example of using both:

// serverless
DirectoryEntry rootConfig = new DirectoryEntry("LDAP://dc=domainname,dc=com");

// server bound
DirectoryEntry rootEntry = new DirectoryEntry("LDAP://domainControllerName/dc=domainName,dc=com");

我认为您误入歧途的是您忘记在最后包含您的域的 FQDN.希望这会有所帮助.

I think where you were going astray is you forgot to include the FQDN for your domain on the end. Hope this helps.

这篇关于c# 通过 LDAP 针对 Active Directory的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！