C# ng。换句话说,使用var varUser将导致名称空间错误 string strUserName = new System.Security.Principal.SecurityIdentifier(strUser).Translate(typeof(S
ng。换句话说,使用C# ng。换句话说,使用var varUser将导致名称空间错误 string strUserName = new System.Security.Principal.SecurityIdentifier(strUser).Translate(typeof(S,c#,sid,C#,Sid,ng。换句话说,使用var varUser将导致名称空间错误 string strUserName = new System.Security.Principal.SecurityIdentifier(strUser).Translate(typeof(System.Security.Principal.NTAccount)).ToString(); COMException是否显示了一条特定的消息?它可能是一个允许您在本地遍历目录服务的组策略,这就是您获得COM异常的原因。错误消息显示了什么
var varUserstring strUserName = new System.Security.Principal.SecurityIdentifier(strUser).Translate(typeof(System.Security.Principal.NTAccount)).ToString();
COMException是否显示了一条特定的消息?它可能是一个允许您在本地遍历目录服务的组策略,这就是您获得COM异常的原因。错误消息显示了什么?试着在网络机器上运行filemon为什么要访问它并查看结果。我的意思是“组策略不允许…”虽然这并不是错误的,但它只是重复了海报上指出的代码,在他的情况下不起作用。我刚刚开始编写一些类似的代码,并发现这是正确的。P/调用LookupAccountSid比使用SecurityIdentifier.Translate()更好。我在一个拥有60k以上用户的多林/域环境中工作。
TranslateSystem.DirectoryServices.AccountManagement.GroupPrincipalFindByIdentitystring GetNameFromSID( SecurityIdentifier sid )
{
string str = "LDAP://<SID=" + sid.Value + ">";
DirectoryEntry dirEntry = new DirectoryEntry( str );
return dirEntry.Name;
}
string str = "LDAP://<SID=" + sid.Value + ">";
using System.Security.Principal;
SecurityIdentifier sid = new SecurityIdentifier("S-1-5-18");
NTAccount acct = (NTAccount)sid.Translate(typeof(NTAccount));
Console.WriteLine(acct.Value);
string sid="S-1-5-21-789336058-507921405-854245398-9938";
string account = new System.Security.Principal.SecurityIdentifier(sid).Translate(typeof(System.Security.Principal.NTAccount)).ToString();
System.DirectoryServices.ActiveDirectory.Domain.GetCurrentDomain();
DirectoryEntry de = new DirectoryEntry(string.Format("LDAP://{0}", domain));
ActiveDirectoryMembershipUser user = (ActiveDirectoryMembershipUser)Membership.GetUser();
var sid = (SecurityIdentifier)user.ProviderUserKey;
(NTAccount)sid.Translate(typeof(NTAccount));
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = string.Format("(SAMAccountName={0})", username);
search.PropertiesToLoad.Add("Name");
search.PropertiesToLoad.Add("displayName");
search.PropertiesToLoad.Add("company");
search.PropertiesToLoad.Add("homePhone");
search.PropertiesToLoad.Add("mail");
search.PropertiesToLoad.Add("givenName");
search.PropertiesToLoad.Add("lastLogon");
search.PropertiesToLoad.Add("userPrincipalName");
search.PropertiesToLoad.Add("st");
search.PropertiesToLoad.Add("sn");
search.PropertiesToLoad.Add("telephoneNumber");
search.PropertiesToLoad.Add("postalCode");
SearchResult result = search.FindOne();
if (result != null)
{
foreach (string key in result.Properties.PropertyNames)
{
// Each property contains a collection of its own
// that may contain multiple values
foreach (Object propValue in result.Properties[key])
{
outputString += key + " = " + propValue + ".<br/>";
}
}
}
// Set the search context to a specific domain in active directory
var searchContext = new PrincipalContext(ContextType.Domain, "YOURDOMAIN", "OU=SomeOU,DC=YourCompany,DC=com");
// get the currently logged in user from IIS
MembershipUser aspUser = Membership.GetUser();
// get the SID of the user (stored in the SecurityIdentifier class)
var sid = aspUser.ProviderUserKey as System.Security.Principal.SecurityIdentifier;
// get the ActiveDirectory user object using the SID (sid.Value returns the SID in string form)
var adUser = UserPrincipal.FindByIdentity(searchContext, IdentityType.Sid, sid.Value);
// do stuff to user, look up group membership, etc.
SecurityIdentifier everyoneSid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
string everyone = everyoneSid.Translate(typeof(System.Security.Principal.NTAccount)).ToString();
string strUser = System.Security.Principal.WindowsIdentity.GetCurrent().User.ToString();
string strUserName = new System.Security.Principal.SecurityIdentifier(strUser).Translate(typeof(System.Security.Principal.NTAccount)).ToString();