VB.NET - 如何转换SID为组名称与Active Directory [英] VB.NET - How to Convert SID to Group Name with Active Directory

问题描述

使用VB.NET，你如何转换SID来组名称与Active Directory？

例如：我需要得到group_test，而不是S-1-5-32-544

在code我使用的是：

 公共只读属性组作为IdentityReferenceCollection
    得到

        昏暗的体育馆作为IdentityReferenceCollection
        昏暗IR作为的IdentityReference
        IRC = WindowsIdentity.GetCurrent（）。组
        昏暗strGroupName作为字符串

        对于每一个IR在IRC
            昏暗mktGroup作为的IdentityReference = ir.Translate（的GetType（NTACCOUNT））
            MSGBOX（mktGroup.Value）
            的Debug.WriteLine（mktGroup.Value）
            strGroupName = mktGroup.Value.ToString

        下一个

        回IRC

    最终获取
高端物业
 

之类的东西呢？

 的currentUser = WindowsIdentity.GetCurrent（）

        对于每个refGroup作为的IdentityReference在currentUser.Groups

            昏暗的ACC作为NTACCOUNT = TryCast（refGroup.Translate（的GetType（NTACCOUNT）），NTACCOUNT）
            如果AdminGroupName = acc.Value然后
                RET =999
            结束如果
            如果UsersGroupName = acc.Value然后
                RET =1
            结束如果
 

怎么也适应这种code？ （如果用户在XX组，显示XX组下拉列表）

 对于每个用户组在WindowsIdentity.GetCurrent（）。组
            如果mktGroup.Value =BIG然后
                昏暗公司= ac1.Cast（中MarketingCompany）。凡（功能（AC）ac.MarketingCompanyShort =BIG）。FirstOrDefault
                如果公司未知没什么然后
                    marketingCo.Items.Add（的String.Format（{0} | {1}，Company.MarketingCompanyShort，Company.MarketingCompanyName））
                结束如果
            结束如果
        下一个
 

解决方案

下面是writen在C＃一个简单的方法，我认为这并不是很难适应：

  / *从在检索SID对象
  * /
  字符串SidLDAPURLForm =LDAP：// WM2008R2ENT：389 /＆LT; SID = {0}＆gt;中;
  System.Security.Principal.SecurityIdentifier sidToFind =新System.Security.Principal.SecurityIdentifier（S-1-5-21-3115856885-816991240-3296679909-1106）;

  的DirectoryEntry userEntry =新的DirectoryEntry（的String.Format（SidLDAPURLForm，sidToFind.Value））;

  字符串名称= userEntry.Properties [CN] Value.ToString（）。
 

这是在VB .NET感谢反射器

 昏暗SidLDAPURLForm的String =LDAP：// WM2008R2ENT：389 /＆LT; SID = {0}＆gt;中
昏暗sidToFind作为新的SecurityIdentifier（S-1-5-21-3115856885-816991240-3296679909-1106）
昏暗userEntry作为新的DirectoryEntry（的String.Format（SidLDAPURLForm，sidToFind.Value））
昏暗的名字作为字符串= userEntry.Properties.Item（CN）。Value.ToString
 

---- EDITED ----- 因此，这里是你想要的东西，但它一样是$ P $由@BiggsTRC pviously给出

 私人共享子主（参数为String（））
    昏暗的currentUser作为的WindowsIdentity = WindowsIdentity.GetCurrent（）

对于每个IREF作为的IdentityReference在currentUser.Groups
        Console.WriteLine（iRef.Translate（的GetType（NTACCOUNT）））
    下一个
结束小组
 

Using VB.NET, How do you Convert the sid to Group Name with Active Directory?

example: I need to get "group_test" and not "S-1-5-32-544"

The code I'm using is:

Public ReadOnly Property Groups As IdentityReferenceCollection
    Get

        Dim irc As IdentityReferenceCollection
        Dim ir As IdentityReference
        irc = WindowsIdentity.GetCurrent().Groups
        Dim strGroupName As String

        For Each ir In irc
            Dim mktGroup As IdentityReference = ir.Translate(GetType(NTAccount))
            MsgBox(mktGroup.Value)
            Debug.WriteLine(mktGroup.Value)
            strGroupName = mktGroup.Value.ToString

        Next

        Return irc

    End Get
End Property

or something like this?

        currentUser = WindowsIdentity.GetCurrent()

        For Each refGroup As IdentityReference In currentUser.Groups

            Dim acc As NTAccount = TryCast(refGroup.Translate(GetType(NTAccount)), NTAccount)
            If AdminGroupName = acc.Value Then
                ret = "999"
            End If
            If UsersGroupName = acc.Value Then
                ret = "1"
            End If

how would u adapt it to this code? (if user is in xx group, show xx group on drop down list)

        For Each UserGroup In WindowsIdentity.GetCurrent().Groups
            If mktGroup.Value = "BIG" Then
                Dim Company = ac1.Cast(Of MarketingCompany).Where(Function(ac) ac.MarketingCompanyShort = "BIG").FirstOrDefault
                If Company IsNot Nothing Then
                    marketingCo.Items.Add(String.Format("{0} | {1}", Company.MarketingCompanyShort, Company.MarketingCompanyName))
                End If
            End If
        Next

解决方案

Here is a simple way writen in C#, I think it's not to hard to adapt :

  /* Retreiving object from SID
  */
  string SidLDAPURLForm = "LDAP://WM2008R2ENT:389/<SID={0}>";
  System.Security.Principal.SecurityIdentifier sidToFind = new System.Security.Principal.SecurityIdentifier("S-1-5-21-3115856885-816991240-3296679909-1106");

  DirectoryEntry userEntry = new DirectoryEntry(string.Format(SidLDAPURLForm, sidToFind.Value));

  string name = userEntry.Properties["cn"].Value.ToString();

Here it is in VB .NET thanks to REFLECTOR

Dim SidLDAPURLForm As String = "LDAP://WM2008R2ENT:389/<SID={0}>"
Dim sidToFind As New SecurityIdentifier("S-1-5-21-3115856885-816991240-3296679909-1106")
Dim userEntry As New DirectoryEntry(String.Format(SidLDAPURLForm, sidToFind.Value))
Dim name As String = userEntry.Properties.Item("cn").Value.ToString

---- EDITED ----- So here is what you wants, but it's the same as that was previously given by @BiggsTRC

Private Shared Sub Main(args As String())
    Dim currentUser As WindowsIdentity = WindowsIdentity.GetCurrent()

For Each iRef As IdentityReference In currentUser.Groups
        Console.WriteLine(iRef.Translate(GetType(NTAccount)))
    Next
End Sub

这篇关于VB.NET - 如何转换SID为组名称与Active Directory的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！