C++ 需要检索用户所属的所有组。。。在C++;
我需要找到特定用户所属的所有组。我使用C++,不是PosiS壳,如果这是错误的论坛我道歉。 根据我在web上找到的内容,我需要检索memberOf属性,但我得到一个错误,即该属性不存在。任何帮助都将不胜感激。代码如下:C++ 需要检索用户所属的所有组。。。在C++;,c++,winapi,ldap,C++,Winapi,Ldap,我需要找到特定用户所属的所有组。我使用C++,不是PosiS壳,如果这是错误的论坛我道歉。 根据我在web上找到的内容,我需要检索memberOf属性,但我得到一个错误,即该属性不存在。任何帮助都将不胜感激。代码如下: HRESULT hrObj = E_FAIL; HRESULT hr = E_FAIL; ADS_SEARCHPREF_INFO SearchPrefs; // COL for iterations ADS_SEARCH_COLUMN col; // Handle used
HRESULT hrObj = E_FAIL;
HRESULT hr = E_FAIL;
ADS_SEARCHPREF_INFO SearchPrefs;
// COL for iterations
ADS_SEARCH_COLUMN col;
// Handle used for searching
ADS_SEARCH_HANDLE hSearch;
// Search entire subtree from root.
SearchPrefs.dwSearchPref = ADS_SEARCHPREF_SEARCH_SCOPE;
SearchPrefs.vValue.dwType = ADSTYPE_INTEGER;
SearchPrefs.vValue.Integer = ADS_SCOPE_SUBTREE;
// Set the search preference.
DWORD dwNumPrefs = 1;
hr = pSearchBase->SetSearchPreference(&SearchPrefs, dwNumPrefs);
if (FAILED(hr))
{
return hr;
}
// Create search filter.
LPWSTR pszFormat = L"(&(objectCategory=person)(objectClass=user)(sAMAccountName=%s))";
int len = wcslen(pszFormat) + wcslen(szFindUser) + 1;
LPWSTR pszSearchFilter = new WCHAR[len];
if(NULL == pszSearchFilter)
{
return E_OUTOFMEMORY;
}
swprintf_s(pszSearchFilter, len, pszFormat, szFindUser);
// Set attributes to return.
LPWSTR pszAttribute[NUM_ATTRIBUTES] = {L"ADsPath"};
// Execute the search.
hr = pSearchBase->ExecuteSearch(pszSearchFilter,
pszAttribute,
NUM_ATTRIBUTES,
&hSearch);
if (SUCCEEDED(hr))
{
// Call IDirectorySearch::GetNextRow() to retrieve the next row of data.
while(pSearchBase->GetNextRow(hSearch) != S_ADS_NOMORE_ROWS)
{
// Loop through the array of passed column names and
// print the data for each column.
for (DWORD x = 0; x < NUM_ATTRIBUTES; x++)
{
// Get the data for this column.
hr = pSearchBase->GetColumn(hSearch, pszAttribute[x], &col);
if (SUCCEEDED(hr))
{
// Print the data for the column and free the column.
// Be aware that the requested attribute is type CaseIgnoreString.
if (ADSTYPE_CASE_IGNORE_STRING == col.dwADsType)
{
IADs *pADS;
hr = ADsOpenObject( col.pADsValues->CaseIgnoreString,
L"Administrator",
L"passW0rd",
ADS_SECURE_AUTHENTICATION,
IID_IADs,
(void**)&pADS);
VARIANT var;
VariantInit(&var);
if (SUCCEEDED(hr))
{
hr = pADS->GetEx(L"memberOf", &var); <-- FAILS!!!
wprintf(L"Found User.\n",szFindUser);
wprintf(L"%s: %s\r\n",pszAttribute[x],col.pADsValues->CaseIgnoreString);
hrObj = S_OK;
}
}
pSearchBase->FreeColumn( &col );
}
else
{
hr = E_FAIL;
}
}
}
// Close the search handle to cleanup.
pSearchBase->CloseSearchHandle(hSearch);
}
delete pszSearchFilter;
if (FAILED(hrObj))
{
hr = hrObj;
}
HRESULT hrObj=E_FAIL;
HRESULT hr=E_失败;
广告搜索优先权信息搜索优先权;
//用于迭代的COL
广告搜索栏;
//用于搜索的手柄
广告搜索;
//从根搜索整个子树。
SearchPrefs.dwSearchPref=ADS\u SEARCHPREF\u SEARCH\u SCOPE;
SearchPrefs.vValue.dwType=ADSTYPE\u整数;
SearchPrefs.vValue.Integer=ADS\u SCOPE\u子树;
//设置搜索首选项。
DWORD dwNumPrefs=1;
hr=pSearchBase->SetSearchPreference(&SearchPrefs,dwNumPrefs);
如果(失败(小时))
{
返回人力资源;
}
//创建搜索过滤器。
LPWSTR pszFormat=L“(&(objectCategory=person)(objectClass=user)(sAMAccountName=%s))”;
int len=wcslen(pszFormat)+wcslen(szFindUser)+1;
LPWSTR pszSearchFilter=新WCHAR[len];
if(NULL==pszSearchFilter)
{
返回E_OUTOFMEMORY;
}
swprintf_s(pszSearchFilter、len、pszFormat、szFindUser);
//设置要返回的属性。
LPWSTR pszAttribute[NUM_ATTRIBUTES]={L“ADsPath”};
//执行搜索。
hr=pSearchBase->ExecuteSearch(pszSearchFilter,
pszAttribute,
NUM_属性,
&研究);
如果(成功(hr))
{
//调用IDirectorySearch::GetNextRow()检索下一行数据。
while(pSearchBase->GetNextRow(hSearch)!=S\u ADS\u NOMORE\u行)
{
//循环遍历传递的列名和
//打印每列的数据。
对于(DWORD x=0;xGetColumn(hSearch,pszAttribute[x],&col);
如果(成功(hr))
{
//打印列的数据并释放列。
//请注意,请求的属性是CaseIgnoreString类型。
if(ADSTYPE\u CASE\u IGNORE\u STRING==col.dwADsType)
{
IADs*pADS;
hr=adOpenObject(col.pADsValues->CaseIgnoreString,
L“管理员”,
L“passW0rd”,
ADS\u安全\u身份验证,
IID_IADs,
(无效**)和pADS);
变异变量;
方差(var);
如果(成功(hr))
{
hr=pADS->GetEx(L“memberOf”和&var);CaseIgnoreString);
hrObj=S_正常;
}
}
pSearchBase->自由列(&col);
}
其他的
{
hr=E_失败;
}
}
}
//关闭搜索句柄以进行清理。
pSearchBase->CloseSearchHandle(hSearch);
}
删除pszSearchFilter;
如果(失败(hrObj))
{
hr=hrObj;
}
除非您设置为直接使用AD,否则使用Windows Net*功能进行作业可能更容易:
#include <windows.h>
#include <lm.h>
#include <stdio.h>
int main() {
wchar_t user[256];
DWORD size = sizeof(user)/sizeof(user[0]);
GetUserNameW(user, &size);
printf("User: %S\n", user);
printf("Local groups: \n");
LPBYTE buffer;
DWORD entries, total_entries;
NetUserGetLocalGroups(NULL, user, 0, LG_INCLUDE_INDIRECT, &buffer, MAX_PREFERRED_LENGTH, &entries, &total_entries);
LOCALGROUP_USERS_INFO_0 *groups = (LOCALGROUP_USERS_INFO_0*)buffer;
for (int i=0; i<entries; i++)
printf("\t%S\n", groups[i].lgrui0_name);
NetApiBufferFree(buffer);
printf("Global groups: \n");
NetUserGetGroups(NULL, user, 0, &buffer, MAX_PREFERRED_LENGTH, &entries, &total_entries);
GROUP_USERS_INFO_0 *ggroups = (GROUP_USERS_INFO_0*)buffer;
for (int i=0; i<entries; i++)
printf("\t%S\n", ggroups[i].grui0_name);
NetApiBufferFree(buffer);
return 0;
}
#包括
#包括
#包括
int main(){
wchar__t用户[256];
DWORD size=sizeof(用户)/sizeof(用户[0]);
GetUserNameW(用户和大小);
printf(“用户:%S\n”,用户);
printf(“本地组:\n”);
字节缓冲区;
DWORD条目,总条目;
NetUserGetLocalGroups(NULL、user、0、LG\u包括\u间接、缓冲区、最大\u首选长度、条目和总条目);
本地组用户信息组=(本地组用户信息组0*)缓冲区;
对于(int i=0;i感谢您的回复,我想我在MSDN中找到了我想要的东西
HRESULT CheckUserGroups(IADsUser *pUser)
{
IADsMembers *pGroups;
HRESULT hr = S_OK;
hr = pUser->Groups(&pGroups);
pUser->Release();
if (FAILED(hr)) return hr;
IUnknown *pUnk;
hr = pGroups->get__NewEnum(&pUnk);
if (FAILED(hr)) return hr;
pGroups->Release();
IEnumVARIANT *pEnum;
hr = pUnk->QueryInterface(IID_IEnumVARIANT,(void**)&pEnum);
if (FAILED(hr)) return hr;
pUnk->Release();
// Enumerate.
BSTR bstr;
VARIANT var;
IADs *pADs;
ULONG lFetch;
IDispatch *pDisp;
VariantInit(&var);
hr = pEnum->Next(1, &var, &lFetch);
while(hr == S_OK)
{
if (lFetch == 1)
{
pDisp = V_DISPATCH(&var);
pDisp->QueryInterface(IID_IADs, (void**)&pADs);
pADs->get_Name(&bstr);
printf("Group belonged: %S\n",bstr);
SysFreeString(bstr);
pADs->Release();
}
VariantClear(&var);
pDisp=NULL;
hr = pEnum->Next(1, &var, &lFetch);
};
hr = pEnum->Release();
return S_OK;
}
尝试在请求的属性字段中请求memberOf
和isMemberOf
。感谢您的回复,但不幸的是我没有选择。我必须使用AD/C++检索特定用户所属的所有LDAP组。顺便说一句,在我的代码中可能会忽略的一点是,我检索的是LDAP组,而不是本地组.谢谢。样品在这里: