C# 在Active Directory中搜索全局域
如果我有以下 AD 域路径(AD 路径): LDAP://AAA.CORP.XX.COM LDAP://BBB.CORP.XX.COM LDAP://CCC.BBB.CORP.XX.COM LDAP://DDD.CORP.XX.COM LDAP://EEE.CORP.XX.COM LDAP://FFF.CORP.XX.COM 我需要在上述各个域中搜索某个用户,判断该用户是否存在于其中某一个域中。我当前的解决方案:循环遍历上面的所有域,对每个域检查用户是否存在;其中一个域的查询耗时 6-7 秒,其余的不……
LDAP://AAA.CORP.XX.COM
LDAP://BBB.CORP.XX.COM
LDAP://CCC.BBB.CORP.XX.COM
LDAP://DDD.CORP.XX.COM
LDAP://EEE.CORP.XX.COM
LDAP://FFF.CORP.XX.COM
LDAP://CORP.XX.COM
,这样可以减少搜索次数:不必对每个域各搜索一次(共 5 次),只需对父域搜索 1 次。哪种解决方案能更好地解决性能问题?这是我编写的一个类,我在好几个地方都用过;你可以浏览其中的方法,看看哪些能用得上。
using System;
using System.Text;
using System.Collections;
using System.DirectoryServices;
using System.Diagnostics;
using System.Data.Common;
namespace Vertex_VVIS.SourceCode
{
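/// <summary>
/// Validates a user's credentials against an LDAP / Active Directory path and reads a few
/// attributes (display name, mail, title, mobile, group membership) of a user entry.
/// </summary>
/// <remarks>
/// Security notes for maintainers:
/// <list type="bullet">
/// <item>Every caller-supplied value is escaped with <see cref="EscapeFilterValue"/> before it is
/// placed in a search filter; an unescaped <c>*</c>, <c>(</c> or <c>)</c> would otherwise let the
/// caller rewrite the query (LDAP filter injection).</item>
/// <item><see cref="IsAuthenticated"/> overwrites <c>_path</c> and <c>_filterAttribute</c> with
/// the authenticated user's entry, so an instance carries per-user state and should not be shared
/// between logins.</item>
/// <item>The attribute getters open <c>_path</c> without explicit credentials, i.e. they run under
/// whatever identity the hosting process has, not under the credentials passed to
/// <see cref="IsAuthenticated"/>.</item>
/// <item>Rethrown exceptions embed the underlying directory error text; log it server-side rather
/// than echoing it to the person logging in.</item>
/// </list>
/// </remarks>
public class LdapAuthentication
{
    // ADSI path searches are rooted at; replaced by the user's own entry path after a successful login.
    private String _path;

    // cn of the authenticated user, captured by IsAuthenticated and consumed by GetGroups.
    private String _filterAttribute;

    /// <summary>Creates a helper whose searches are rooted at <paramref name="path"/>.</summary>
    /// <param name="path">ADSI path of the search root, for example an <c>LDAP://</c> domain path.</param>
    public LdapAuthentication(String path)
    {
        _path = path;
    }

    /// <summary>
    /// Escapes the characters that are special inside an LDAP search filter assertion value
    /// (RFC 4515): backslash, asterisk, both parentheses and NUL.
    /// </summary>
    /// <param name="value">Raw value; <c>null</c> is treated as an empty string.</param>
    /// <returns>The value with each special character replaced by its <c>\xx</c> hex form.</returns>
    private static String EscapeFilterValue(String value)
    {
        if (String.IsNullOrEmpty(value))
        {
            return String.Empty;
        }

        StringBuilder escaped = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append(@"\5c"); break;
                case '*': escaped.Append(@"\2a"); break;
                case '(': escaped.Append(@"\28"); break;
                case ')': escaped.Append(@"\29"); break;
                case '\0': escaped.Append(@"\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }

    /// <summary>
    /// Looks up the entry whose SAMAccountName equals <paramref name="username"/> under
    /// <c>_path</c> and returns every value of one attribute as strings.
    /// </summary>
    /// <param name="username">Account name to match; escaped before use in the filter.</param>
    /// <param name="attributeName">Name of the attribute to load.</param>
    /// <returns>The attribute values; an empty array when the entry has no such attribute.</returns>
    /// <exception cref="InvalidOperationException">No entry matched the account name.</exception>
    private String[] ReadUserAttributeValues(String username, String attributeName)
    {
        // Both objects wrap native directory handles, so release them deterministically.
        using (DirectoryEntry root = new DirectoryEntry(_path))
        using (DirectorySearcher searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(SAMAccountName=" + EscapeFilterValue(username) + ")";
            searcher.PropertiesToLoad.Add(attributeName);

            SearchResult match = searcher.FindOne();
            if (match == null)
            {
                // FindOne returns null when nothing matches; fail with a clear message
                // instead of a NullReferenceException further down.
                throw new InvalidOperationException("No directory entry matched the supplied account name.");
            }

            ResultPropertyValueCollection values = match.Properties[attributeName];
            String[] copy = new String[values.Count];
            for (int i = 0; i < values.Count; i++)
            {
                copy[i] = values[i].ToString();
            }
            return copy;
        }
    }

    /// <summary>
    /// Checks a user's credentials by binding to <c>_path</c> as <c>domain\username</c> and
    /// searching for the user's own entry.
    /// </summary>
    /// <param name="domain">Domain name used as the prefix of the bind identity.</param>
    /// <param name="username">SAMAccountName of the user.</param>
    /// <param name="pwd">The user's password.</param>
    /// <returns>
    /// <c>true</c> when the bind succeeded and the user's entry was found; <c>false</c> when the
    /// user name or password is empty or no entry matched.
    /// </returns>
    /// <exception cref="Exception">
    /// The bind or search failed. Rejected credentials are expected to surface this way, so
    /// callers must treat an exception as a failed login, never as success.
    /// </exception>
    public bool IsAuthenticated(String domain, String username, String pwd)
    {
        // An LDAP simple bind with a name but an empty password is an "unauthenticated" bind
        // (RFC 4513, section 5.1.2) that a server may accept; depending on the bind type in use
        // that could be mistaken for a successful login, so reject it before contacting the server.
        if (String.IsNullOrEmpty(username) || String.IsNullOrEmpty(pwd))
        {
            return false;
        }

        String domainAndUsername = domain + @"\" + username;
        try
        {
            using (DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd))
            using (DirectorySearcher search = new DirectorySearcher(entry))
            {
                search.Filter = "(SAMAccountName=" + EscapeFilterValue(username) + ")";
                search.PropertiesToLoad.Add("cn");

                // Running the search performs the bind with the supplied credentials.
                SearchResult result = search.FindOne();
                if (null == result)
                {
                    return false;
                }

                // Remember the user's entry: later lookups on this instance start from it.
                _path = result.Path;
                _filterAttribute = (String)result.Properties["cn"][0];
            }
        }
        catch (Exception ex)
        {
            // Keep the original exception as InnerException so the cause stays diagnosable.
            throw new Exception("Error authenticating user. " + ex.Message, ex);
        }
        return true;
    }

    /// <summary>Returns the user's <c>displayName</c>, or <c>"NA"</c> when the attribute is absent.</summary>
    /// <param name="username">SAMAccountName of the user.</param>
    /// <exception cref="Exception">The lookup failed or no entry matched.</exception>
    public String GetName(string username)
    {
        try
        {
            String[] values = ReadUserAttributeValues(username, "displayName");
            return values.Length > 0 ? values[0] : "NA";
        }
        catch (Exception ex)
        {
            throw new Exception("Error Getting Name. " + ex.Message, ex);
        }
    }

    /// <summary>Returns the user's <c>mail</c> attribute.</summary>
    /// <param name="username">SAMAccountName of the user.</param>
    /// <exception cref="Exception">
    /// The lookup failed, no entry matched, or the entry has no <c>mail</c> value (unlike the
    /// other getters this one has never fallen back to <c>"NA"</c>).
    /// </exception>
    public String GetEmailAddress(string username)
    {
        try
        {
            String[] values = ReadUserAttributeValues(username, "mail");
            if (values.Length == 0)
            {
                throw new InvalidOperationException("The directory entry has no mail attribute.");
            }
            return values[0];
        }
        catch (Exception ex)
        {
            throw new Exception("Error Getting Email Address. " + ex.Message, ex);
        }
    }

    /// <summary>Returns the user's <c>title</c>, or <c>"NA"</c> when the attribute is absent.</summary>
    /// <param name="username">SAMAccountName of the user.</param>
    /// <exception cref="Exception">The lookup failed or no entry matched.</exception>
    public String GetTitle(string username)
    {
        try
        {
            String[] values = ReadUserAttributeValues(username, "title");
            return values.Length > 0 ? values[0] : "NA";
        }
        catch (Exception ex)
        {
            throw new Exception("Error Getting the Title. " + ex.Message, ex);
        }
    }

    /// <summary>Returns the user's <c>mobile</c> number, or <c>"NA"</c> when the attribute is absent.</summary>
    /// <param name="username">SAMAccountName of the user.</param>
    /// <exception cref="Exception">The lookup failed or no entry matched.</exception>
    public String GetPhone(string username)
    {
        try
        {
            String[] values = ReadUserAttributeValues(username, "mobile");
            return values.Length > 0 ? values[0] : "NA";
        }
        catch (Exception ex)
        {
            throw new Exception("Error Getting Phone Number. " + ex.Message, ex);
        }
    }

    /// <summary>
    /// Returns the names of the groups listed in the authenticated user's <c>memberOf</c>
    /// attribute as a single string, each name followed by <c>|</c>.
    /// </summary>
    /// <returns>
    /// The <c>|</c>-terminated group names, or <c>null</c> when a <c>memberOf</c> value contains
    /// no <c>=</c> after its first character.
    /// </returns>
    /// <exception cref="Exception">
    /// <see cref="IsAuthenticated"/> has not succeeded on this instance, the search failed, or
    /// no entry matched.
    /// </exception>
    /// <remarks>
    /// Treat the result with care when it feeds an authorization decision: <c>memberOf</c> holds
    /// direct memberships only (nested groups and the primary group are not listed), the name is
    /// cut at the first comma even if that comma is escaped inside the group's name, and a group
    /// name that itself contains <c>|</c> cannot be told apart from two names.
    /// </remarks>
    public String GetGroups()
    {
        StringBuilder groupNames = new StringBuilder();
        try
        {
            if (_filterAttribute == null)
            {
                throw new InvalidOperationException("IsAuthenticated must succeed before GetGroups is called.");
            }

            // NOTE(review): DirectorySearcher(String) takes a *filter*, not a path. The filter is
            // replaced on the next line, so the search root stays at its default instead of
            // _path. Kept as-is to preserve behavior; confirm which root was intended.
            using (DirectorySearcher search = new DirectorySearcher(_path))
            {
                search.Filter = "(cn=" + EscapeFilterValue(_filterAttribute) + ")";
                search.PropertiesToLoad.Add("memberOf");

                SearchResult result = search.FindOne();
                if (result == null)
                {
                    throw new InvalidOperationException("No directory entry matched the authenticated user's cn.");
                }

                foreach (Object value in result.Properties["memberOf"])
                {
                    String dn = (String)value;
                    int equalsIndex = dn.IndexOf("=", 1);
                    int commaIndex = dn.IndexOf(",", 1);
                    if (-1 == equalsIndex)
                    {
                        return null;
                    }

                    // Take the text between the first '=' and the following ','; when there is
                    // no later comma, take the rest of the value instead of passing a negative
                    // length to Substring.
                    int nameStart = equalsIndex + 1;
                    int nameEnd = commaIndex > equalsIndex ? commaIndex : dn.Length;
                    groupNames.Append(dn.Substring(nameStart, nameEnd - nameStart));
                    groupNames.Append("|");
                }
            }
        }
        catch (Exception ex)
        {
            throw new Exception("Error obtaining group names. " + ex.Message, ex);
        }
        return groupNames.ToString();
    }

    /// <summary>
    /// Tells whether one of the user's <c>memberOf</c> values equals
    /// <paramref name="strGroupString"/>, ignoring case.
    /// </summary>
    /// <param name="strUserName">SAMAccountName of the user.</param>
    /// <param name="strGroupString">
    /// Value to compare against each complete <c>memberOf</c> entry (so the caller is expected
    /// to pass the group in the same form the directory stores it).
    /// </param>
    /// <returns><c>true</c> when a matching entry exists; otherwise <c>false</c>.</returns>
    /// <exception cref="Exception">The lookup failed or no entry matched the account name.</exception>
    /// <remarks>
    /// <c>memberOf</c> lists direct memberships only, so membership gained through a nested
    /// group or the primary group is reported as <c>false</c>.
    /// </remarks>
    public bool IsUserGroupMember(string strUserName, string strGroupString)
    {
        try
        {
            foreach (String membership in ReadUserAttributeValues(strUserName, "memberOf"))
            {
                // Ordinal comparison: directory names are identifiers, so culture-specific
                // casing rules must not influence an access decision.
                if (String.Equals(membership, strGroupString, StringComparison.OrdinalIgnoreCase))
                {
                    return true;
                }
            }
            return false;
        }
        catch (Exception ex)
        {
            throw new Exception("Error Getting member of. " + ex.Message, ex);
        }
    }
}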
}
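// Create the domain context. No credentials are passed, so the lookup runs under the
// caller's own identity; a specific domain can also be named here if needed.
// Context, principal, searcher and result set are all IDisposable, hence the using blocks.
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
// Define a "query-by-example" principal - here, we search for a UserPrincipal.
using (UserPrincipal qbeUser = new UserPrincipal(ctx))
{
    // If you're looking for a particular user, limit the search by setting the properties to
    // match on - e.g. a SAMAccountName, a first name - whatever criteria you are looking for.
    qbeUser.SamAccountName = "johndoe";

    // Create the principal searcher, passing in the QBE principal, and find all matches.
    using (PrincipalSearcher srch = new PrincipalSearcher(qbeUser))
    using (PrincipalSearchResult<Principal> matches = srch.FindAll())
    {
        foreach (Principal found in matches)
        {
            // do whatever here - "found" is of type "Principal" - it could be user, group, computer.....
        }
    }
}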