AD Functions
string Department = "Billing";
DirectorySearcher LdapSearcher = new DirectorySearcher();
LdapSearcher.PropertiesToLoad.Add("displayName");
LdapSearcher.PropertiesToLoad.Add("cn");
LdapSearcher.PropertiesToLoad.Add("department");
LdapSearcher.PropertiesToLoad.Add("title");
LdapSearcher.PropertiesToLoad.Add("memberOf");
LdapSearcher.Filter = string.Format("(&(objectClass=user)(department={0}))", Department); SearchResultCollection src = LdapSearcher.FindAll();
MemberOF
标题:获取AD中用户的组,用Properties["memberOf"].Count统计,结果总是少一个组 作者:crmserver 时间:2008-05-21 09:38 | |
获取AD中用户的组,用Properties["memberOf"].Count统计,结果总是少一个组 代码如下: DirectorySearcher mySearcher = new DirectorySearcher(entry); mySearcher.Filter="(&(objectClass=user)(sAMAccountName=test))"; mySearcher.PropertiesToLoad.Add("memberOf"); SearchResult mysr=mySearcher.FindOne(); int iCount = mysr.Properties["memberOf"].Count; Response.Write(iCount); |
|
标题: 作者:ssbird 时间:2008-05-21 09:38 | |
[color=red][b]此回复于2008-06-03 08:48被 [url=http://bbs.51cto.com/profile-uid-278211.html]ssbird[/url] 评为最佳答案[/b][/color] 请参考下面这段代码,这是完整的访问域用户的类。 public static class DomainInformation { #region Constants //static string[] usersLdapPath = @"LDAP://zzzzzz.com/OU=xxxxxx,DC=yyyyyy,DC=com"; static string usersLdapPath = System.Configuration.ConfigurationManager.AppSettings["LDAPConnectionString"].ToString() ; const string adLoginName = "administrator"; //管理员用户 const string adLoginPassword = "88888888"; #endregion static public string[] GetGroupsForUser(string domainADsPath, string username)// 获取用户所属组 { DirectoryEntry usersDE = Directoryunits(domainADsPath); DirectorySearcher ds = new DirectorySearcher(usersDE); ds.Filter = "(&(sAMAccountName=" + username + "))"; ds.PropertiesToLoad.Add("memberof"); SearchResult r = ds.FindOne(); if (r.Properties["memberof"].Count == 0) { return (null); } string[] results = new string[r.Properties["memberof"].Count]; for (int i = 0; i < r.Properties["memberof"].Count; i++) { string theGroupPath = r.Properties["memberof"][i].ToString(); results[i] = theGroupPath.Substring(3, theGroupPath.IndexOf(",") - 3); } usersDE.Close(); return (results); } /// /// /// /// public static string[] GetGroupsForUser(string username) { DirectoryEntry usersDE = DomainInformation.Directory(); DirectorySearcher ds = new DirectorySearcher(usersDE); ds.Filter = "(&(sAMAccountName=" + username + "))"; ds.PropertiesToLoad.Add("memberof"); SearchResult r = ds.FindOne(); if (r.Properties["memberof"] == null) { return (null); } string[] results = new string[r.Properties["memberof"].Count+1]; for (int i = 0; i < r.Properties["memberof"].Count; i++) { string theGroupPath = r.Properties["memberof"][i].ToString(); results[i] = theGroupPath.Substring(3, theGroupPath.IndexOf(",") - 3); } results[r.Properties["memberof"].Count]="All";//All组属于任何人,在AD之外定义了一个组,以便分配用户权限 usersDE.Close(); return (results); } static public string[] GetUsersForGroup(string domainADsPath, string Groupname)// 获取用户 { DirectoryEntry usersDE = Directoryunits(domainADsPath); DirectorySearcher ds = new DirectorySearcher(usersDE); ds.Filter = "(&(objectClass=group)(cn=" + Groupname + "))"; ds.PropertiesToLoad.Add("member"); SearchResult r = ds.FindOne(); if (r.Properties["member"] == null) { return (null); } string[] results = new string[r.Properties["member"].Count]; for (int i = 0; i < r.Properties["member"].Count; i++) { string theGroupPath = r.Properties["member"][i].ToString(); results[i] = theGroupPath.Substring(3, theGroupPath.IndexOf(",") - 3); } usersDE.Close(); return (results); } static public string GetUserDisplayName(string username)// 获取组用户 { string results; DirectoryEntry usersDE = Directory(); DirectorySearcher ds = new DirectorySearcher(usersDE); ds.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))"; ds.PropertiesToLoad.Add(UserProperty.DisplayName); SearchResult r = ds.FindOne(); results = r.GetDirectoryEntry().InvokeGet(UserProperty.DisplayName).ToString(); usersDE.Close(); return (results); } static public UserInfoEx GetUserInfoEx(string username) //获取域用户详细信息 { DirectoryEntry usersDE =Directory(); DirectorySearcher ds = new DirectorySearcher(usersDE); ds.Filter = "(&(objectClass=user)(objectCatogery=person)(sAMAccountName=" + username + "))"; ds.PropertiesToLoad.Add("cn"); ds.PropertiesToLoad.Add(UserProperty.Name); ds.PropertiesToLoad.Add(UserProperty.UserName); ds.PropertiesToLoad.Add(UserProperty.homePhone); ds.PropertiesToLoad.Add(UserProperty.FirstName); ds.PropertiesToLoad.Add(UserProperty.LastName); ds.PropertiesToLoad.Add(UserProperty.Email); ds.PropertiesToLoad.Add(UserProperty.Title); ds.PropertiesToLoad.Add(UserProperty.Company); ds.PropertiesToLoad.Add(UserProperty.Address); ds.PropertiesToLoad.Add(UserProperty.City); ds.PropertiesToLoad.Add(UserProperty.State); ds.PropertiesToLoad.Add(UserProperty.PostalCode); ds.PropertiesToLoad.Add(UserProperty.Phone); ds.PropertiesToLoad.Add(UserProperty.Country); SearchResult r = ds.FindOne(); UserInfoEx result = new UserInfoEx(); result.Name = r.GetDirectoryEntry().InvokeGet(UserProperty.Name).ToString(); result.LoginName = r.GetDirectoryEntry().InvokeGet(UserProperty.UserName).ToString(); if (r.GetDirectoryEntry().InvokeGet(UserProperty.FirstName) != null) { result.FirstName = r.GetDirectoryEntry().InvokeGet(UserProperty.FirstName).ToString(); } else { result.FirstName = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.homePhone) != null) { result.homePhone = r.GetDirectoryEntry().InvokeGet(UserProperty.homePhone).ToString(); } else { result.homePhone = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.LastName)!= null) { result.LastName = r.GetDirectoryEntry().InvokeGet(UserProperty.LastName).ToString(); } else { result.LastName = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.Email) != null) { result.EmailAddress = r.GetDirectoryEntry().InvokeGet(UserProperty.Email).ToString(); } else { result.EmailAddress = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.Title) != null) { result.Title = r.GetDirectoryEntry().InvokeGet(UserProperty.Title).ToString(); } else { result.Title = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.Company) != null) { result.Company =r.GetDirectoryEntry().InvokeGet(UserProperty.Company).ToString(); } else { result.Company = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.Address) != null) { result.Address =r.GetDirectoryEntry().InvokeGet(UserProperty.Address).ToString(); } else { result.Address = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.City) != null) { result.City =r.GetDirectoryEntry().InvokeGet(UserProperty.City).ToString(); } else { result.City = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.State) != null) { result.State =r.GetDirectoryEntry().InvokeGet(UserProperty.State).ToString(); } else { result.State = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.PostalCode) != null) { result.PostalCode =r.GetDirectoryEntry().InvokeGet(UserProperty.PostalCode).ToString(); } else { result.PostalCode = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.Phone) != null) { result.Phone = r.GetDirectoryEntry().InvokeGet(UserProperty.Phone).ToString(); } else { result.Phone = ""; } if (r.GetDirectoryEntry().InvokeGet(UserProperty.Country) != null) { result.Country =r.GetDirectoryEntry().InvokeGet(UserProperty.Country).ToString(); } else { result.Country = ""; } usersDE.Close(); return (result); } static private string GetAdGroupDescription(string prefix)//根据CN获取组description { string results; DirectoryEntry groupsDE = Directory(); DirectorySearcher groupsDS = new DirectorySearcher(groupsDE); groupsDS.Filter = "(&(objectClass=group)(CN=" + prefix + "*))"; groupsDS.PropertiesToLoad.Add("cn"); SearchResult sr = groupsDS.FindOne(); results = sr.GetDirectoryEntry().InvokeGet("description").ToString(); groupsDE.Close(); return (results); } static private DataTable GetAdGroupInfo()//根据CN获取组信息 { DataTable dt = new DataTable(); dt.Columns.Add("URL", typeof(System.String)); dt.Columns.Add("cn", typeof(System.String)); dt.Columns.Add("Description", typeof(System.String)); DirectoryEntry groupsDE = Directory(); DirectorySearcher searcher = new DirectorySearcher(groupsDE); searcher.Filter = "(&(objectClass=group))"; //searcher.SearchScope = SearchScope.Subtree; //searcher.Sort = new SortOption("description", System.DirectoryServices.SortDirection.Ascending); searcher.PropertiesToLoad.AddRange(new string[] { "cn", "description"}); SearchResultCollection results = searcher.FindAll(); if (results.Count == 0) { return (null); } else { foreach (SearchResult result in results) { DataRow dr = dt.NewRow(); dr[0] = result.Path.ToString(); dr[1] = result.GetDirectoryEntry().InvokeGet("cn").ToString(); if (result.GetDirectoryEntry().InvokeGet("Description")!=null) dr[2] = result.GetDirectoryEntry().InvokeGet("Description").ToString(); else dr[2] = result.GetDirectoryEntry().InvokeGet("cn").ToString(); dt.Rows.Add(dr); } dt.DefaultView.Sort = "description ASC"; groupsDE.Close(); return dt; } } static public string getAccountName(string cn) //根据CN获取登陆名 { foreach (string path in usersLdapPath) { DirectoryEntry userContainerDE = Directoryunits(path); DirectorySearcher ds = new DirectorySearcher(userContainerDE); ds.Filter = "(&(objectClass=user)(cn=*" + cn + "*))"; ds.PropertiesToLoad.Add("sAMAccountName"); SearchResult r = ds.FindOne(); if (r!=null) return r.GetDirectoryEntry().InvokeGet("sAMAccountName").ToString(); } return null; } static public bool isAdUser(string username)//判断是否域用户 { DirectoryEntry userContainerDE = Directory(); DirectorySearcher ds = new DirectorySearcher(userContainerDE); ds.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))"; ds.PropertiesToLoad.Add("cn"); SearchResult r = ds.FindOne(); if (r == null) { userContainerDE.Close(); return false; } else { userContainerDE.Close(); return true; } } static public DataTable adUserlist( string groupname) //生成用户数据表 { DataTable dt = new DataTable(); dt.Columns.Add("cn", typeof(System.String)); dt.Columns.Add("sAMAccountName", typeof(System.String)); string[] groupmember = GetUsersForGroup(usersLdapPath[0], groupname); if (groupmember.Length == 0) { return null; } else { foreach (string member in groupmember) { if(IsAccountActive(getAccountControl(getAccountName(member)))) { DataRow dr = dt.NewRow(); dr[0] = member.ToString(); dr[1] = getAccountName(member); dt.Rows.Add(dr); } } return dt; } } static public void adUserlistbox(ListBox results, string groupName) //生成USER { results.Items.Clear(); DataTable dt = adUserlist(groupName); if (dt != null) { results.DataSource = dt; results.DataTextField = dt.Columns[0].Caption; results.DataValueField = dt.Columns[1].Caption; results.DataBind(); } } static public void adGrouplistbox(ListBox results) { results.Items.Clear(); DataTable dt = GetAdGroupInfo(); DataRow dr = dt.NewRow(); dr[1] = "All"; dr[2] = "All"; dt.Rows.Add(dr); results.DataSource = dt; results.DataTextField = dt.Columns[2].Caption; results.DataValueField = dt.Columns[1].Caption; results.DataBind(); } static public void aduserGrouplist(DropDownList results) { results.Items.Clear(); DataTable dt = GetAdGroupInfo(); results.DataSource = dt; results.DataTextField = dt.Columns[2].Caption; results.DataValueField = dt.Columns[1].Caption; results.DataBind(); } static public DirectoryEntry Directory() { DirectoryEntry userContainerDE; string accountName = UserProperty.getAccountName().ToString(); accountName = accountName.Substring(0, accountName.IndexOf("\\")).Trim(); //判断登陆用户是否为域用户,"zzzzzz"为域名,域名用户格式:zzzzzz/username if (accountName.ToLower() != "zzzzzz") userContainerDE = new DirectoryEntry(usersLdapPath, adLoginName, adLoginPassword); // AuthenticationTypes.Secure);} else userContainerDE = new DirectoryEntry(usersLdapPath);//, adLoginName, adLoginPassword); return userContainerDE; } static public DirectoryEntry Directoryunits(string ldappath ) { DirectoryEntry userContainerDE; string accountName = UserProperty.getAccountName().ToString(); accountName = accountName.Substring(0, accountName.IndexOf("\\")).Trim(); // userContainerDE = new DirectoryEntry(ldappath); if (accountName.ToLower() != "zzzzzz" ) //userContainerDE.Username = adLoginName; //userContainerDE.Password = adLoginPassword; //userContainerDE.AuthenticationType = AuthenticationTypes.Secure; userContainerDE = new DirectoryEntry(ldappath, adLoginName, adLoginPassword);// AuthenticationTypes.Secure);} else userContainerDE = new DirectoryEntry(ldappath);//, adLoginName, adLoginPassword); return userContainerDE; } public static int getAccountControl(string accountName)//获取权限码 { int results; DirectoryEntry userContainerDE = Directory(); DirectorySearcher ds = new DirectorySearcher(userContainerDE); ds.Filter = "(&(objectClass=user)(sAMAccountName=" + accountName + "))"; ds.PropertiesToLoad.Add("userAccountControl"); try { SearchResult r = ds.FindOne(); results = Convert.ToInt32(r.GetDirectoryEntry().InvokeGet("userAccountControl")); userContainerDE.Close(); return results; } catch { userContainerDE.Close(); return 0; } } public static bool IsAccountActive(int userAccountControl)//判断是否有效 { int ADS_UF_ACCOUNTDISABLE = 0X0002; int userAccountControl_Disabled = Convert.ToInt32(ADS_UF_ACCOUNTDISABLE); int flagExists = userAccountControl & userAccountControl_Disabled; if (flagExists > 0) return false; else return true; } public static DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName) { DirectoryEntry de = Directory(); DirectorySearcher deSearch = new DirectorySearcher(de); deSearch.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + sAMAccountName + "))"; // deSearch.SearchScope = SearchScope.Subtree; try { SearchResult result = deSearch.FindOne(); //if (result == null) //{ return null; } de = Directoryunits(result.Path); return de; } catch { //throw; return null; } } public static DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName, string password) { DirectoryEntry de = GetDirectoryEntryByAccount(sAMAccountName); if (de != null) { // string commonName = de.Properties["cn"][0].ToString(); if (GetDirectoryEntry(sAMAccountName, password) != null) return GetDirectoryEntry(sAMAccountName, password); else return null; } else { return null; } } public static DirectoryEntry GetDirectoryEntry(string sAMAccountName, string password) { try { DirectoryEntry userde = new DirectoryEntry(usersLdapPath, sAMAccountName, password, AuthenticationTypes.Secure); DirectorySearcher deSearch = new DirectorySearcher(userde); deSearch.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + sAMAccountName + "))"; //deSearch.SearchScope = SearchScope.Subtree; try { SearchResult result = deSearch.FindOne(); userde = Directoryunits(result.Path); return userde; } catch { //throw; return null; } } catch (Exception ex) { throw new Exception(ex.Message); } } } |