Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/csharp/274.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
在C#中,如何访问Active Directory以获取某个用户所属组的列表?_C#_Asp.net_Active Directory_Ldap - Fatal编程技术网
Fatal编程技术网
  • csharp/
  • 在C#中,如何访问Active Directory以获取某个用户所属组的列表?

在C#中,如何访问Active Directory以获取某个用户所属组的列表?

c# asp.net active-directory ldap

在C#中,如何访问Active Directory以获取某个用户所属组的列表?,c#,asp.net,active-directory,ldap,C#,Asp.net,Active Directory,Ldap,在C#中,如何访问Active Directory以获取某个用户所属的组列表 用户详细信息如下表所示: "MYDOMAIN\myuser" "LDAP://sample.com/CN=MySurname MyFirstname,OU=General,OU=Accounts,DC=sample,DC=com" 我一直在关注,但只有当我在表单中有用户详细信息时,它们才起作用: "MYDOMAIN\myuser" "LDAP://sample.com/CN=MySurname MyFirstna

在C#中,如何访问Active Directory以获取某个用户所属的组列表

用户详细信息如下表所示:

"MYDOMAIN\myuser"

"LDAP://sample.com/CN=MySurname MyFirstname,OU=General,OU=Accounts,DC=sample,DC=com"
我一直在关注,但只有当我在表单中有用户详细信息时,它们才起作用:

"MYDOMAIN\myuser"

"LDAP://sample.com/CN=MySurname MyFirstname,OU=General,OU=Accounts,DC=sample,DC=com"
所以,也许我想问的是,如何从第一个较短的表格到下面的完全限定表格

非常感谢

这可能会有帮助

using System.Collections;
using System.DirectoryServices;

/// <summary>
/// Gets the list of AD groups that a user belongs to
/// </summary>
/// <param name="loginName">The login name of the user (domain\login or login)</param>
/// <returns>A comma delimited list of the user's AD groups</returns>
public static SortedList GetADGroups(string loginName)
{
    if (string.IsNullOrEmpty(loginName))
        throw new ArgumentException("The loginName should not be empty");

    SortedList ADGroups = new SortedList();

    int backSlash = loginName.IndexOf("\\");
    string userName = backSlash > 0 ? loginName.Substring(backSlash + 1) : loginName;

    DirectoryEntry directoryEntry = new DirectoryEntry();
    DirectorySearcher directorySearcher = new DirectorySearcher(directoryEntry, "(sAMAccountName=" + userName + ")");

    SearchResult searchResult = directorySearcher.FindOne();
    if (null != searchResult)
    {
        DirectoryEntry userADEntry = new DirectoryEntry(searchResult.Path);

        // Invoke Groups method.
        object userADGroups = userADEntry.Invoke("Groups");
        foreach (object obj in (IEnumerable)userADGroups)
        {
            // Create object for each group.
            DirectoryEntry groupDirectoryEntry = new DirectoryEntry(obj);
            string groupName = groupDirectoryEntry.Name.Replace("cn=", string.Empty);
            groupName = groupName.Replace("CN=", string.Empty);
            if (!ADGroups.ContainsKey(groupName))
                ADGroups.Add(groupName, groupName);
        }
    }

    return ADGroups;
}

使用系统集合;
使用System.DirectoryServices;
/// 
///获取用户所属的广告组列表
/// 
///用户的登录名(域\登录或登录)
///以逗号分隔的用户广告组列表
公共静态分类列表GetADGroups(字符串登录名)
{
if(string.IsNullOrEmpty(loginName))
抛出新ArgumentException(“登录名不应为空”);
SortedList ADGroups=新SortedList();
int反斜杠=loginName.IndexOf(“\\”);
字符串用户名=反斜杠>0?登录名。子字符串(反斜杠+1):登录名;
DirectoryEntry DirectoryEntry=新的DirectoryEntry();
DirectorySearcher DirectorySearcher=新的DirectorySearcher(directoryEntry,“(sAMAccountName=“+userName+”);
SearchResult SearchResult=directorySearcher.FindOne();
如果(null!=搜索结果)
{
DirectoryEntry userADEntry=新的DirectoryEntry(searchResult.Path);
//调用组方法。
object userADGroups=userADEntry.Invoke(“组”);
foreach(IEnumerable用户组中的对象对象)
{
//为每个组创建对象。
DirectoryEntry组DirectoryEntry=新的DirectoryEntry(obj);
string groupName=groupDirectoryEntry.Name.Replace(“cn=,string.Empty”);
groupName=groupName.Replace(“CN=”,string.Empty);
如果(!ADGroups.ContainsKey(groupName))
ADGroups.Add(groupName,groupName);
}
}
返回广告组;
}
这可能会有帮助

using System.Collections;
using System.DirectoryServices;

/// <summary>
/// Gets the list of AD groups that a user belongs to
/// </summary>
/// <param name="loginName">The login name of the user (domain\login or login)</param>
/// <returns>A comma delimited list of the user's AD groups</returns>
public static SortedList GetADGroups(string loginName)
{
    if (string.IsNullOrEmpty(loginName))
        throw new ArgumentException("The loginName should not be empty");

    SortedList ADGroups = new SortedList();

    int backSlash = loginName.IndexOf("\\");
    string userName = backSlash > 0 ? loginName.Substring(backSlash + 1) : loginName;

    DirectoryEntry directoryEntry = new DirectoryEntry();
    DirectorySearcher directorySearcher = new DirectorySearcher(directoryEntry, "(sAMAccountName=" + userName + ")");

    SearchResult searchResult = directorySearcher.FindOne();
    if (null != searchResult)
    {
        DirectoryEntry userADEntry = new DirectoryEntry(searchResult.Path);

        // Invoke Groups method.
        object userADGroups = userADEntry.Invoke("Groups");
        foreach (object obj in (IEnumerable)userADGroups)
        {
            // Create object for each group.
            DirectoryEntry groupDirectoryEntry = new DirectoryEntry(obj);
            string groupName = groupDirectoryEntry.Name.Replace("cn=", string.Empty);
            groupName = groupName.Replace("CN=", string.Empty);
            if (!ADGroups.ContainsKey(groupName))
                ADGroups.Add(groupName, groupName);
        }
    }

    return ADGroups;
}

使用系统集合;
使用System.DirectoryServices;
/// 
///获取用户所属的广告组列表
/// 
///用户的登录名(域\登录或登录)
///以逗号分隔的用户广告组列表
公共静态分类列表GetADGroups(字符串登录名)
{
if(string.IsNullOrEmpty(loginName))
抛出新ArgumentException(“登录名不应为空”);
SortedList ADGroups=新SortedList();
int反斜杠=loginName.IndexOf(“\\”);
字符串用户名=反斜杠>0?登录名。子字符串(反斜杠+1):登录名;
DirectoryEntry DirectoryEntry=新的DirectoryEntry();
DirectorySearcher DirectorySearcher=新的DirectorySearcher(directoryEntry,“(sAMAccountName=“+userName+”);
SearchResult SearchResult=directorySearcher.FindOne();
如果(null!=搜索结果)
{
DirectoryEntry userADEntry=新的DirectoryEntry(searchResult.Path);
//调用组方法。
object userADGroups=userADEntry.Invoke(“组”);
foreach(IEnumerable用户组中的对象对象)
{
//为每个组创建对象。
DirectoryEntry组DirectoryEntry=新的DirectoryEntry(obj);
string groupName=groupDirectoryEntry.Name.Replace(“cn=,string.Empty”);
groupName=groupName.Replace(“CN=”,string.Empty);
如果(!ADGroups.ContainsKey(groupName))
ADGroups.Add(groupName,groupName);
}
}
返回广告组;
}
最后,我不得不从相反的角度接近它,因为我必须验证来自独立(受信任)林的成员。下面是查找给定组成员列表的代码:

/// <summary>
/// Finds the users in the given group. Eg groupName=My-Group-Name-Blah
/// returns an array of users eg: DOMAIN\user
/// </summary>
string[] UsersInGroup(string groupName)
{
  List<String> users = new List<string>();

  // First, find the group:
  string query = string.Format("(CN={0})", groupName);
  SearchResult searchResult = new DirectorySearcher(query).FindOne();
  DirectoryEntry group = new DirectoryEntry(searchResult.Path);

  // Find all the members
  foreach (object rawMember in (IEnumerable)group.Invoke("members"))
  {
    // Grab this member's SID
    DirectoryEntry member = new DirectoryEntry(rawMember);
    byte[] sid = null;
    foreach (object o in member.Properties["objectSid"]) sid = o as byte[];

    // Convert it to a domain\user string
    try
    {
      users.Add(
        new SecurityIdentifier(sid, 0).Translate(typeof(NTAccount)).ToString());
    }
    catch { } // Some SIDs cannot be discovered - ignore these
  }

  return users.ToArray();
}

//
///查找给定组中的用户。例如groupName=我的组名等等
///返回用户数组,例如:域\用户
/// 
字符串[]用户组(字符串组名)
{
列表用户=新列表();
//首先,找到小组:
string query=string.Format(“(CN={0})”,groupName);
SearchResult SearchResult=new DirectorySearcher(query).FindOne();
DirectoryEntry组=新的DirectoryEntry(searchResult.Path);
//查找所有成员
foreach(对象为(IEnumerable)组中的成员。调用(“成员”))
{
//获取此成员的SID
DirectoryEntry成员=新的DirectoryEntry(rawMember);
字节[]sid=null;
foreach(member.Properties[“objectSid”]中的对象o)sid=o作为字节[];
//将其转换为域\用户字符串
尝试
{
用户。添加(
新的SecurityIdentifier(sid,0).Translate(typeof(NTAccount)).ToString();
}
catch{}//无法发现某些SID-忽略这些
}
返回users.ToArray();
}
最后,我不得不从相反的角度接近它,因为我必须验证来自独立(受信任)林的成员。下面是查找给定组成员列表的代码:

/// <summary>
/// Finds the users in the given group. Eg groupName=My-Group-Name-Blah
/// returns an array of users eg: DOMAIN\user
/// </summary>
string[] UsersInGroup(string groupName)
{
  List<String> users = new List<string>();

  // First, find the group:
  string query = string.Format("(CN={0})", groupName);
  SearchResult searchResult = new DirectorySearcher(query).FindOne();
  DirectoryEntry group = new DirectoryEntry(searchResult.Path);

  // Find all the members
  foreach (object rawMember in (IEnumerable)group.Invoke("members"))
  {
    // Grab this member's SID
    DirectoryEntry member = new DirectoryEntry(rawMember);
    byte[] sid = null;
    foreach (object o in member.Properties["objectSid"]) sid = o as byte[];

    // Convert it to a domain\user string
    try
    {
      users.Add(
        new SecurityIdentifier(sid, 0).Translate(typeof(NTAccount)).ToString());
    }
    catch { } // Some SIDs cannot be discovered - ignore these
  }

  return users.ToArray();
}

//
///查找给定组中的用户。例如groupName=我的组名等等
///返回用户数组,例如:域\用户
/// 
字符串[]用户组(字符串组名)
{
列表用户=新列表();
//首先,找到小组:
string query=string.Format(“(CN={0})”,groupName);
SearchResult SearchResult=new DirectorySearcher(query).FindOne();
DirectoryEntry组=新的DirectoryEntry(searchResult.Path);
//查找所有成员
foreach(对象为(IEnumerable)组中的成员。调用(“成员”))
{
//获取此成员的SID
DirectoryEntry成员=新的DirectoryEntry(rawMember);
字节[]sid=null;
foreach(member.Properties[“objectSid”]中的对象o)sid=o作为字节[];
//将其转换为域\用户字符串
尝试
{
用户。添加(
新的SecurityIdentifier(sid,0).Translate(typeof(NTAccount)).ToString();
}
catch{}//无法发现某些SID-忽略这些
}
返回users.ToArray();
}
我碰巧在生产环境中运行了一段时间的助手类中有这个方法。那么,这是在Windows20上测试的