如何获得AD用户组的用户在Asp.Net? [英] How to get AD User Groups for user in Asp.Net?
问题描述
我需要能够得到用户的组的列表,但我需要有一个/一些/所有的以下属性可见:
- 的distinguishedName
- 名称
- CN
- 在SAM帐户
我现在所拥有的返回某种名字,但没有任何一个上面的那些(名字似乎接近,但正确并不都匹配这是我使用的:
的ArrayList组=新的ArrayList();
的foreach(在System.Web.HttpContext.Current.Request.LogonUserIdentity.Groups System.Security.Principal.IdentityReference组)
groups.Add(group.Translate(typeof运算(System.Security.Principal.NTAccount)));
就像我说的,上面的作品,但不会得到我正确的名字,我需要为我的程序(上面指定的那些)。我需要这是能够与列表我得到,同时呼吁所有组我的域名匹配:
的DirectoryEntry的dirent =新的DirectoryEntry(LDAP:// my_domain_controller);
DirectorySearcher从SRCH =新DirectorySearcher从(的dirent);
srch.Filter =(对象类=集团);
变种结果= srch.FindAll();
您不能一步到位做到这一点,因为小组还与性质不同的广告条目。
因此,在第一次运行时,你应该得到的组名的用户,填补他们在某种类型的列表。
第二步是要经过所有的组名和一个查询逐一得到组属性(如distinguishedName来,等等),并收集某种结构。
I need to be able to get a list of the groups a user is in, but I need to have one/some/all of the following properties visible:
- distinguishedname
- name
- cn
- samaccountname
What I have right now returns some sort of name, but not any of the ones above (the names seem close, but don't all match correctly. This is what I am using:
ArrayList groups = new ArrayList();
foreach (System.Security.Principal.IdentityReference group in System.Web.HttpContext.Current.Request.LogonUserIdentity.Groups)
groups.Add(group.Translate(typeof(System.Security.Principal.NTAccount)));
Like I said, the above works, but will not get me the proper names I need for my program (the ones specified above). I need this to be able to match up with the list I get while calling all of the groups in my domain:
DirectoryEntry dirEnt = new DirectoryEntry("LDAP://my_domain_controller");
DirectorySearcher srch = new DirectorySearcher(dirEnt);
srch.Filter = "(objectClass=Group)";
var results = srch.FindAll();
You cannot do this in one step, as groups are also separate AD entries with properties.
So in the first run you should get the group names a user is in and fill them in a list of some kind.
The second step is to go through all of the group names and query them one by one to get the group properties (like distinguishedname, and so on) and collect it to some kind of structure.
这篇关于如何获得AD用户组的用户在Asp.Net?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
