列出所有Active Directory组 [英] Listing All Active Directory Groups
问题描述
下面code列出了一些,但不是全部,Active Directory组。为什么呢?
我想列出所有安全组,通讯组,计算机组等有我指定了错误的对象类?
任何帮助,极大地AP preciated。
私有静态无效ListGroups()
{
的DirectoryEntry objADAM =默认(的DirectoryEntry);
的DirectoryEntry objGroupEntry =默认(的DirectoryEntry);
DirectorySearcher从objSearchADAM =默认(DirectorySearcher从);
SearchResultCollection objSearchResults =默认(SearchResultCollection);
信息搜索结果myResult中= NULL;
objADAM =新的DirectoryEntry(LDAP);
objADAM.RefreshCache();
objSearchADAM =新DirectorySearcher从(objADAM);
objSearchADAM.Filter =(及(objectClass的=基团));
objSearchADAM.SearchScope = SearchScope.Subtree;
objSearchResults = objSearchADAM.FindAll();
//枚举组
尝试
{
fileGroups.AutoFlush = TRUE;
如果(objSearchResults.Count!= 0)
{
的foreach(信息搜索结果objResult在objSearchResults)
{
myResult中= objResult;
objGroupEntry = objResult.GetDirectoryEntry();
Console.WriteLine(objGroupEntry.Name);
fileGroups.WriteLine(objGroupEntry.Name.Substring(3));
}
}
其他
{
抛出新的异常(无群体找到);
}
}
赶上(PrincipalException E)
{
fileErrorLog.AutoFlush = TRUE;
fileErrorLog.WriteLine(e.Message ++ myResult.Path);
}
赶上(例外五)
{
抛出新的异常(e.Message);
}
}
如果您使用的是.NET 3.5或更高版本,可以使用 PrincipalSearcher 和查询逐例如主要做你的搜索:
//创建域上下文
PrincipalContext CTX =新PrincipalContext(ContextType.Domain);
//定义一个查询通过例如委托 - 在这里,我们搜索GroupPrincipal
GroupPrincipal qbeGroup =新GroupPrincipal(CTX);
//创建你的本金搜索传入QBE校长
PrincipalSearcher SRCH =新PrincipalSearcher(qbeGroup);
//找到所有匹配
的foreach(VAR在srch.FindAll发现())
{
//做任何在这里 - 发现的类型是主 - 它可以是用户,组,计算机.....
}
如果您还没有 - 绝对阅读MSDN文章管理目录安全主体在.NET Framework 3.5 这表明很好如何使新功能的最佳使用 System.DirectoryServices.AccountManagement
The following code lists some, but not all, Active Directory Groups. Why?
I am trying to list all security groups, distribution groups, computer groups etc. Have I specified the wrong objectClass?
Any assistance greatly appreciated.
private static void ListGroups()
{
DirectoryEntry objADAM = default(DirectoryEntry);
DirectoryEntry objGroupEntry = default(DirectoryEntry);
DirectorySearcher objSearchADAM = default(DirectorySearcher);
SearchResultCollection objSearchResults = default(SearchResultCollection);
SearchResult myResult=null;
objADAM = new DirectoryEntry(LDAP);
objADAM.RefreshCache();
objSearchADAM = new DirectorySearcher(objADAM);
objSearchADAM.Filter = "(&(objectClass=group))";
objSearchADAM.SearchScope = SearchScope.Subtree;
objSearchResults = objSearchADAM.FindAll();
// Enumerate groups
try
{
fileGroups.AutoFlush = true;
if (objSearchResults.Count != 0)
{
foreach (SearchResult objResult in objSearchResults)
{
myResult = objResult;
objGroupEntry = objResult.GetDirectoryEntry();
Console.WriteLine(objGroupEntry.Name);
fileGroups.WriteLine(objGroupEntry.Name.Substring(3));
}
}
else
{
throw new Exception("No groups found");
}
}
catch (PrincipalException e)
{
fileErrorLog.AutoFlush = true;
fileErrorLog.WriteLine(e.Message + " " + myResult.Path);
}
catch (Exception e)
{
throw new Exception(e.Message);
}
}
If you're on .NET 3.5 or newer, you can use a PrincipalSearcher and a "query-by-example" principal to do your searching:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// define a "query-by-example" principal - here, we search for a GroupPrincipal
GroupPrincipal qbeGroup = new GroupPrincipal(ctx);
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeGroup);
// find all matches
foreach(var found in srch.FindAll())
{
// do whatever here - "found" is of type "Principal" - it could be user, group, computer.....
}
If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement
这篇关于列出所有Active Directory组的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
