問題描述
我正在嘗試獲取將作為程序輸入的特定域的用戶信息.根據域名,它應該返回用戶名/或用戶的 NT Id 和 SID 的列表.我是 ldap 編程的新手,任何人都可以幫助我獲取此列表.
I am trying to get the user information for a specific domain which will be the input of the program. On the basis of the domain name it should return the list of the users name/ or NT Id and SID of the user. I am new for the ldap programming can any one help me for get this list.
推薦答案
如果您使用 .NET 3.5 及更高版本并談論 Active Directory,那么您應該查看 System.DirectoryServices.AccountManagement (SDS.AM) 命名空間.在此處閱讀所有相關信息:
If you're on .NET 3.5 and up and talking about Active Directory, then you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:
- 在 .NET Framework 3.5 中管理目錄安全主體莉>
- 有關 System.DirectoryServices.AccountManagement 的 MSDN 文檔
基本上,您可以定義域上下文并輕松找到 AD 中的用戶和/或組:
Basically, you can define a domain context and easily find users and/or groups in AD:
// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, "SomeUserName");
if(user != null)
{
// do something here....
var usersSid = user.Sid;
// not sure what you mean by "username" - the "DisplayName" ? The "SAMAccountName"??
var username = user.DisplayName;
var userSamAccountName = user.SamAccountName;
}
新的 S.DS.AM 使在 AD 中與用戶和組一起玩變得非常容易!
The new S.DS.AM makes it really easy to play around with users and groups in AD!
更新:如果您需要遍歷域的所有用戶 - 試試這個:
Update: if you need to loop through all the users of a domain - try this:
您可以使用 PrincipalSearcher 和query-by-example"主體來進行搜索:
You can use a PrincipalSearcher and a "query-by-example" principal to do your searching:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// define a "query-by-example" principal - here, we search for a UserPrincipal
UserPrincipal qbeUser = new UserPrincipal(ctx);
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeUser);
// find all matches
foreach(var found in srch.FindAll())
{
UserPrincipal user = found as UserPrincipal;
if(user != null)
{
// do whatever here
var usersSid = user.Sid;
// not sure what you mean by "username" - the "DisplayName" ?
var username = user.DisplayName;
var userSamAccountName = user.SamAccountName;
}
}
更新 #2:如果您不能(或不想)使用 S.DS.AM 方法 - 這是最簡單的方法,對于 Active目錄,到目前為止 - 那么你需要回退到 System.DirectoryServices 類和方法:
Update #2: if you can't (or don't want to) use the S.DS.AM approach - which is the easiest, for Active Directory, by far - then you need to fall back to the System.DirectoryServices classes and methods:
// define the root of your search
DirectoryEntry root = new DirectoryEntry("LDAP://dc=YourCompany,dc=com");
// set up DirectorySearcher
DirectorySearcher srch = new DirectorySearcher(root);
srch.Filter = "(objectCategory=Person)";
srch.SearchScope = SearchScope.Subtree;
// define properties to load
srch.PropertiesToLoad.Add("objectSid");
srch.PropertiesToLoad.Add("displayName");
// search the directory
foreach(SearchResult result in srch.FindAll())
{
// grab the data - if present
if(result.Properties["objectSid"] != null && result.Properties["objectSid"].Count > 1)
{
var sid = result.Properties["objectSid"][0];
}
if(result.Properties["displayName"] != null && result.Properties["displayName"].Count > 0)
{
var userName = result.Properties["displayName"][0].ToString();
}
}
這篇關于如何通過ldap中的域名獲取用戶的用戶名和SID的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!