LDAP Method
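using System;
using System.Data;
using System.DirectoryServices;
using System.Text;
using System.Web.UI.WebControls;

/// <summary>
/// Active Directory lookup helpers built on System.DirectoryServices: group
/// membership, user attributes, account state, and a credential check that
/// binds to the directory with a caller-supplied user name and password.
/// </summary>
/// <remarks>
/// Every caller-supplied value that ends up inside an LDAP search filter is
/// passed through <see cref="EscapeLdapFilterValue"/> first, so filter
/// metacharacters in a user name or group name are matched literally instead
/// of changing the query. Lookups that find nothing return null rather than
/// dereferencing a missing search result.
/// </remarks>
public static class DomainInformation
{
    #region Constants

    // Search root, read from the "LDAPConnectionString" appSetting.
    // Expected form: LDAP://zzzzzz.com/OU=xxxxxx,DC=yyyyyy,DC=com
    private static string usersLdapPath =
        System.Configuration.ConfigurationManager.AppSettings["LDAPConnectionString"].ToString();

    // SECURITY NOTE(review): a domain administrator name and password are
    // compiled into the assembly. Anyone who can read the source or the binary
    // obtains them, and they cannot be rotated without a rebuild. The lookups
    // in this class only read directory attributes, so a dedicated read-only
    // account whose secret lives in protected configuration would be enough.
    // Left as-is here because the replacement storage is deployment-specific.
    // Equivalent spellings of the name: @"zzzzzz.com\administrator" or
    // "administrator@zzzzzz.com".
    private const string adLoginName = "zzzzzz.com\\administrator"; // administrator account
    private const string adLoginPassword = "88888888";

    // Domain part expected in front of the backslash of a domain user's
    // account name (format: zzzzzz\username).
    private const string adDomainName = "zzzzzz";

    // userAccountControl bit that marks an account as disabled.
    private const int ADS_UF_ACCOUNTDISABLE = 0x0002;

    #endregion

    #region Private helpers

    /// <summary>
    /// Escapes a value for literal use inside an LDAP search filter
    /// (backslash, asterisk, parentheses and NUL become \5c, \2a, \28, \29, \00).
    /// </summary>
    /// <param name="value">Untrusted text to embed in a filter; may be null.</param>
    /// <returns>The escaped text, or an empty string for null/empty input.</returns>
    private static string EscapeLdapFilterValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        StringBuilder escaped = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append("\\5c"); break;
                case '*': escaped.Append("\\2a"); break;
                case '(': escaped.Append("\\28"); break;
                case ')': escaped.Append("\\29"); break;
                case '\0': escaped.Append("\\00"); break;
                default: escaped.Append(c); break;
            }
        }

        return escaped.ToString();
    }

    /// <summary>
    /// Runs a one-result search under <paramref name="root"/> and disposes the searcher.
    /// </summary>
    /// <returns>The first match, or null when nothing matches.</returns>
    private static SearchResult FindFirst(DirectoryEntry root, string filter, params string[] propertiesToLoad)
    {
        using (DirectorySearcher searcher = new DirectorySearcher(root))
        {
            searcher.Filter = filter;
            if (propertiesToLoad != null && propertiesToLoad.Length > 0)
            {
                searcher.PropertiesToLoad.AddRange(propertiesToLoad);
            }

            return searcher.FindOne();
        }
    }

    /// <summary>
    /// Returns the text between a three-character prefix such as "CN=" and the
    /// first comma of a distinguished name.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the value is cut at the first comma even when that comma
    /// is escaped inside the name (for example "CN=Last\, First,OU=..."), which
    /// is what the original code did. Confirm no consumer compares these names
    /// for authorization against names that contain commas.
    /// </remarks>
    private static string LeadingRdnValue(string distinguishedName)
    {
        const int prefixLength = 3; // length of "CN="
        if (distinguishedName == null || distinguishedName.Length <= prefixLength)
        {
            return string.Empty;
        }

        int comma = distinguishedName.IndexOf(',');
        if (comma < prefixLength)
        {
            // No usable comma: take everything after the prefix instead of throwing.
            return distinguishedName.Substring(prefixLength);
        }

        return distinguishedName.Substring(prefixLength, comma - prefixLength);
    }

    /// <summary>
    /// Converts a multi-valued DN attribute into an array of leading name
    /// values, leaving <paramref name="extraSlots"/> unfilled entries at the end.
    /// </summary>
    private static string[] LeadingRdnValues(ResultPropertyValueCollection values, int extraSlots)
    {
        string[] names = new string[values.Count + extraSlots];
        for (int i = 0; i < values.Count; i++)
        {
            names[i] = LeadingRdnValue(values[i].ToString());
        }

        return names;
    }

    /// <summary>Reads one property through InvokeGet; null when the value is null.</summary>
    private static string ReadString(DirectoryEntry entry, string propertyName)
    {
        object value = entry.InvokeGet(propertyName);
        return value == null ? null : value.ToString();
    }

    /// <summary>Same as <see cref="ReadString"/>, but maps null to an empty string.</summary>
    private static string ReadStringOrEmpty(DirectoryEntry entry, string propertyName)
    {
        string value = ReadString(entry, propertyName);
        return value == null ? string.Empty : value;
    }

    /// <summary>
    /// Records a swallowed directory failure so that failed binds and lookups
    /// remain visible to whoever monitors the trace output. Only the exception
    /// type and message are written; never the supplied password.
    /// </summary>
    private static void TraceLookupFailure(string operation, Exception ex)
    {
        System.Diagnostics.Trace.TraceWarning(
            "DomainInformation.{0} failed: {1}: {2}", operation, ex.GetType().Name, ex.Message);
    }

    /// <summary>Builds the empty three-column table used for group listings.</summary>
    private static DataTable CreateGroupTable()
    {
        DataTable dt = new DataTable();
        dt.Columns.Add("URL", typeof(string));
        dt.Columns.Add("cn", typeof(string));
        dt.Columns.Add("Description", typeof(string));
        return dt;
    }

    /// <summary>Binds a group table: description as display text, cn as value.</summary>
    private static void BindGroupTable(ListControl control, DataTable dt)
    {
        control.DataSource = dt;
        control.DataTextField = dt.Columns[2].Caption;
        control.DataValueField = dt.Columns[1].Caption;
        control.DataBind();
    }

    /// <summary>
    /// Tells whether the current account name carries the expected domain prefix.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the decision trusts whatever UserProperty.getAccountName()
    /// returns; confirm that value comes from an authenticated identity and not
    /// from client-controlled input.
    /// </remarks>
    private static bool IsCurrentUserInDomain()
    {
        string accountName = UserProperty.getAccountName().ToString();
        int separator = accountName.IndexOf('\\');

        // A name without a backslash has no domain part and is treated as non-domain.
        string domainPart = separator > 0 ? accountName.Substring(0, separator).Trim() : string.Empty;
        return string.Equals(domainPart, adDomainName, StringComparison.OrdinalIgnoreCase);
    }

    /// <summary>
    /// Reads userAccountControl for an account and reports whether the read succeeded.
    /// </summary>
    /// <returns>true when the value was read; false when the account was not found or the lookup failed.</returns>
    private static bool TryGetAccountControl(string accountName, out int userAccountControl)
    {
        userAccountControl = 0;
        if (string.IsNullOrEmpty(accountName))
        {
            return false;
        }

        using (DirectoryEntry userContainerDE = Directory())
        {
            try
            {
                SearchResult r = FindFirst(
                    userContainerDE,
                    "(&(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(accountName) + "))",
                    "userAccountControl");
                if (r == null)
                {
                    return false;
                }

                using (DirectoryEntry userEntry = r.GetDirectoryEntry())
                {
                    userAccountControl = Convert.ToInt32(userEntry.InvokeGet("userAccountControl"));
                    return true;
                }
            }
            catch (Exception ex)
            {
                TraceLookupFailure("getAccountControl", ex);
                return false;
            }
        }
    }

    #endregion

    /// <summary>Gets the groups a user belongs to, searching under a given path.</summary>
    /// <param name="domainADsPath">ADsPath of the search root.</param>
    /// <param name="username">sAMAccountName of the user.</param>
    /// <returns>Group names, or null when the user is not found or has no memberOf values.</returns>
    public static string[] GetGroupsForUser(string domainADsPath, string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directoryunits(domainADsPath))
        {
            SearchResult r = FindFirst(
                usersDE, "(&(sAMAccountName=" + EscapeLdapFilterValue(username) + "))", "memberof");
            if (r == null || r.Properties["memberof"].Count == 0)
            {
                return null;
            }

            return LeadingRdnValues(r.Properties["memberof"], 0);
        }
    }

    /// <summary>
    /// Gets the groups a user belongs to under the configured search root, plus
    /// the application-defined "All" group.
    /// </summary>
    /// <param name="username">sAMAccountName of the user.</param>
    /// <returns>
    /// Group names followed by "All", or null when the user is not found. An
    /// unknown user deliberately does not receive "All", since that entry is
    /// used to assign permissions.
    /// </returns>
    public static string[] GetGroupsForUser(string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directory())
        {
            SearchResult r = FindFirst(
                usersDE, "(&(sAMAccountName=" + EscapeLdapFilterValue(username) + "))", "memberof");
            if (r == null)
            {
                return null;
            }

            string[] results = LeadingRdnValues(r.Properties["memberof"], 1);

            // "All" belongs to everyone; it is defined outside AD so that
            // permissions can be assigned to every user.
            results[results.Length - 1] = "All";
            return results;
        }
    }

    /// <summary>Gets the members of a group.</summary>
    /// <param name="domainADsPath">ADsPath of the search root.</param>
    /// <param name="Groupname">cn of the group.</param>
    /// <returns>Member names (empty when the group has no members), or null when the group is not found.</returns>
    public static string[] GetUsersForGroup(string domainADsPath, string Groupname)
    {
        if (string.IsNullOrEmpty(Groupname))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directoryunits(domainADsPath))
        {
            SearchResult r = FindFirst(
                usersDE, "(&(objectClass=group)(cn=" + EscapeLdapFilterValue(Groupname) + "))", "member");
            if (r == null)
            {
                return null;
            }

            return LeadingRdnValues(r.Properties["member"], 0);
        }
    }

    /// <summary>Gets a user's display name.</summary>
    /// <param name="username">sAMAccountName of the user.</param>
    /// <returns>The display name, or null when the user is not found or the value is null.</returns>
    public static string GetUserDisplayName(string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directory())
        {
            SearchResult r = FindFirst(
                usersDE,
                "(&(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(username) + "))",
                UserProperty.DisplayName);
            if (r == null)
            {
                return null;
            }

            using (DirectoryEntry userEntry = r.GetDirectoryEntry())
            {
                return ReadString(userEntry, UserProperty.DisplayName);
            }
        }
    }

    /// <summary>Gets detailed information about a domain user.</summary>
    /// <param name="username">sAMAccountName of the user.</param>
    /// <returns>The populated record (null values become empty strings), or null when the user is not found.</returns>
    public static UserInfoEx GetUserInfoEx(string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directory())
        {
            // The attribute is objectCategory; the earlier spelling "objectCatogery"
            // names no attribute, so the filter could not match the intended users.
            SearchResult r = FindFirst(
                usersDE,
                "(&(objectClass=user)(objectCategory=person)(sAMAccountName=" + EscapeLdapFilterValue(username) + "))",
                "cn",
                UserProperty.Name,
                UserProperty.UserName,
                UserProperty.homePhone,
                UserProperty.FirstName,
                UserProperty.LastName,
                UserProperty.Email,
                UserProperty.Title,
                UserProperty.Company,
                UserProperty.Address,
                UserProperty.City,
                UserProperty.State,
                UserProperty.PostalCode,
                UserProperty.Phone,
                UserProperty.Country);
            if (r == null)
            {
                return null;
            }

            // Bind the user's entry once; each GetDirectoryEntry() call creates a
            // new DirectoryEntry that would otherwise never be released.
            using (DirectoryEntry userEntry = r.GetDirectoryEntry())
            {
                UserInfoEx result = new UserInfoEx();
                result.Name = ReadStringOrEmpty(userEntry, UserProperty.Name);
                result.LoginName = ReadStringOrEmpty(userEntry, UserProperty.UserName);
                result.FirstName = ReadStringOrEmpty(userEntry, UserProperty.FirstName);
                result.homePhone = ReadStringOrEmpty(userEntry, UserProperty.homePhone);
                result.LastName = ReadStringOrEmpty(userEntry, UserProperty.LastName);
                result.EmailAddress = ReadStringOrEmpty(userEntry, UserProperty.Email);
                result.Title = ReadStringOrEmpty(userEntry, UserProperty.Title);
                result.Company = ReadStringOrEmpty(userEntry, UserProperty.Company);
                result.Address = ReadStringOrEmpty(userEntry, UserProperty.Address);
                result.City = ReadStringOrEmpty(userEntry, UserProperty.City);
                result.State = ReadStringOrEmpty(userEntry, UserProperty.State);
                result.PostalCode = ReadStringOrEmpty(userEntry, UserProperty.PostalCode);
                result.Phone = ReadStringOrEmpty(userEntry, UserProperty.Phone);
                result.Country = ReadStringOrEmpty(userEntry, UserProperty.Country);
                return result;
            }
        }
    }

    /// <summary>Gets the description of the first group whose CN starts with a prefix.</summary>
    /// <param name="prefix">Leading part of the group's CN; matched literally.</param>
    /// <returns>The description, or null when no group matches or the value is null.</returns>
    private static string GetAdGroupDescription(string prefix)
    {
        using (DirectoryEntry groupsDE = Directory())
        {
            // Only the trailing wildcard added here is a wildcard; the prefix is escaped.
            SearchResult sr = FindFirst(
                groupsDE, "(&(objectClass=group)(CN=" + EscapeLdapFilterValue(prefix) + "*))", "cn");
            if (sr == null)
            {
                return null;
            }

            using (DirectoryEntry groupEntry = sr.GetDirectoryEntry())
            {
                return ReadString(groupEntry, "description");
            }
        }
    }

    /// <summary>Lists every group under the configured search root.</summary>
    /// <returns>
    /// A table with columns URL, cn and Description (the cn is used when a group
    /// has no description), sorted by description; null when no group is found.
    /// </returns>
    private static DataTable GetAdGroupInfo()
    {
        DataTable dt = CreateGroupTable();

        using (DirectoryEntry groupsDE = Directory())
        using (DirectorySearcher searcher = new DirectorySearcher(groupsDE))
        {
            searcher.Filter = "(&(objectClass=group))";
            searcher.PropertiesToLoad.AddRange(new string[] { "cn", "description" });

            // The result collection holds unmanaged resources and must be disposed.
            using (SearchResultCollection results = searcher.FindAll())
            {
                if (results.Count == 0)
                {
                    return null;
                }

                foreach (SearchResult result in results)
                {
                    using (DirectoryEntry groupEntry = result.GetDirectoryEntry())
                    {
                        string cn = ReadStringOrEmpty(groupEntry, "cn");
                        string description = ReadString(groupEntry, "Description");

                        DataRow dr = dt.NewRow();
                        dr[0] = result.Path;
                        dr[1] = cn;
                        dr[2] = description != null ? description : cn;
                        dt.Rows.Add(dr);
                    }
                }
            }
        }

        dt.DefaultView.Sort = "description ASC";
        return dt;
    }

    /// <summary>Gets the login name (sAMAccountName) of the first user whose CN contains a value.</summary>
    /// <param name="cn">Text to look for inside the user's CN; matched literally.</param>
    /// <returns>The login name, or null when no user matches.</returns>
    /// <remarks>
    /// NOTE(review): this is a substring match that returns the first hit, so a
    /// CN that is contained in another user's CN can resolve to the wrong
    /// account. Kept for compatibility; callers that already hold an exact CN
    /// should confirm that this is acceptable.
    /// </remarks>
    public static string getAccountName(string cn)
    {
        if (string.IsNullOrEmpty(cn))
        {
            return null;
        }

        // usersLdapPath is a single path; the earlier loop over it treated the
        // string as a list of paths and did not compile.
        using (DirectoryEntry userContainerDE = Directory())
        {
            SearchResult r = FindFirst(
                userContainerDE,
                "(&(objectClass=user)(cn=*" + EscapeLdapFilterValue(cn) + "*))",
                "sAMAccountName");
            if (r == null)
            {
                return null;
            }

            using (DirectoryEntry userEntry = r.GetDirectoryEntry())
            {
                return ReadString(userEntry, "sAMAccountName");
            }
        }
    }

    /// <summary>Tells whether a user with this sAMAccountName exists in the directory.</summary>
    /// <param name="username">sAMAccountName to look up; matched literally, so "*" is not a wildcard.</param>
    public static bool isAdUser(string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return false;
        }

        using (DirectoryEntry userContainerDE = Directory())
        {
            SearchResult r = FindFirst(
                userContainerDE,
                "(&(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(username) + "))",
                "cn");
            return r != null;
        }
    }

    /// <summary>Builds a table of the enabled user accounts in a group.</summary>
    /// <param name="groupname">cn of the group.</param>
    /// <returns>
    /// A table with columns cn and sAMAccountName, or null when the group is not
    /// found or has no members.
    /// </returns>
    public static DataTable adUserlist(string groupname)
    {
        string[] groupmember = GetUsersForGroup(usersLdapPath, groupname);
        if (groupmember == null || groupmember.Length == 0)
        {
            return null;
        }

        DataTable dt = new DataTable();
        dt.Columns.Add("cn", typeof(string));
        dt.Columns.Add("sAMAccountName", typeof(string));

        foreach (string member in groupmember)
        {
            string accountName = getAccountName(member);
            int accountControl;

            // Fail closed: a member whose account cannot be resolved, or whose
            // state cannot be read, is left out instead of being listed as active.
            if (accountName == null || !TryGetAccountControl(accountName, out accountControl))
            {
                continue;
            }

            if (!IsAccountActive(accountControl))
            {
                continue;
            }

            DataRow dr = dt.NewRow();
            dr[0] = member;
            dr[1] = accountName;
            dt.Rows.Add(dr);
        }

        return dt;
    }

    /// <summary>Fills a list box with the enabled users of a group (text: cn, value: sAMAccountName).</summary>
    public static void adUserlistbox(ListBox results, string groupName)
    {
        results.Items.Clear();
        DataTable dt = adUserlist(groupName);
        if (dt == null)
        {
            return;
        }

        results.DataSource = dt;
        results.DataTextField = dt.Columns[0].Caption;
        results.DataValueField = dt.Columns[1].Caption;
        results.DataBind();
    }

    /// <summary>Fills a list box with every group plus the application-defined "All" entry.</summary>
    public static void adGrouplistbox(ListBox results)
    {
        results.Items.Clear();

        // GetAdGroupInfo returns null when the directory lists no groups; "All"
        // is defined outside AD and is still offered in that case.
        DataTable dt = GetAdGroupInfo();
        if (dt == null)
        {
            dt = CreateGroupTable();
        }

        DataRow dr = dt.NewRow();
        dr[1] = "All";
        dr[2] = "All";
        dt.Rows.Add(dr);

        BindGroupTable(results, dt);
    }

    /// <summary>Fills a drop-down list with every group; left empty when none is found.</summary>
    public static void aduserGrouplist(DropDownList results)
    {
        results.Items.Clear();
        DataTable dt = GetAdGroupInfo();
        if (dt == null)
        {
            return;
        }

        BindGroupTable(results, dt);
    }

    /// <summary>Opens the configured search root. The caller disposes the returned entry.</summary>
    public static DirectoryEntry Directory()
    {
        return Directoryunits(usersLdapPath);
    }

    /// <summary>
    /// Opens a directory entry for a path. A current user from the expected
    /// domain binds with the process's own identity; anyone else binds with the
    /// account configured in this class. The caller disposes the returned entry.
    /// </summary>
    /// <param name="ldappath">ADsPath to open.</param>
    public static DirectoryEntry Directoryunits(string ldappath)
    {
        if (IsCurrentUserInDomain())
        {
            return new DirectoryEntry(ldappath);
        }

        return new DirectoryEntry(ldappath, adLoginName, adLoginPassword);
    }

    /// <summary>Gets the userAccountControl flags of an account.</summary>
    /// <param name="accountName">sAMAccountName of the account.</param>
    /// <returns>
    /// The flags, or 0 when the account is not found or the lookup fails. 0 is
    /// indistinguishable from "no flags set", so a 0 result is not proof that
    /// the account exists or is enabled.
    /// </returns>
    public static int getAccountControl(string accountName)
    {
        int results;
        return TryGetAccountControl(accountName, out results) ? results : 0;
    }

    /// <summary>Tells whether the disabled bit is clear in a userAccountControl value.</summary>
    /// <param name="userAccountControl">Flags as returned by <see cref="getAccountControl"/>.</param>
    /// <returns>false when ADS_UF_ACCOUNTDISABLE is set; true otherwise, including for 0.</returns>
    public static bool IsAccountActive(int userAccountControl)
    {
        return (userAccountControl & ADS_UF_ACCOUNTDISABLE) == 0;
    }

    /// <summary>Finds a user by sAMAccountName and opens that user's entry.</summary>
    /// <param name="sAMAccountName">Account to look up; matched literally.</param>
    /// <returns>The user's entry (caller disposes), or null when not found or the lookup fails.</returns>
    public static DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName)
    {
        if (string.IsNullOrEmpty(sAMAccountName))
        {
            return null;
        }

        using (DirectoryEntry de = Directory())
        {
            try
            {
                SearchResult result = FindFirst(
                    de,
                    "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                        + EscapeLdapFilterValue(sAMAccountName) + "))");
                if (result == null)
                {
                    return null;
                }

                return Directoryunits(result.Path);
            }
            catch (Exception ex)
            {
                TraceLookupFailure("GetDirectoryEntryByAccount", ex);
                return null;
            }
        }
    }

    /// <summary>
    /// Confirms the account exists, then checks the password by binding as that user.
    /// </summary>
    /// <param name="sAMAccountName">Account to authenticate.</param>
    /// <param name="password">Password to verify.</param>
    /// <returns>The user's entry (caller disposes), or null when the account is unknown or the bind fails.</returns>
    public static DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName, string password)
    {
        DirectoryEntry de = GetDirectoryEntryByAccount(sAMAccountName);
        if (de == null)
        {
            return null;
        }

        // Only the existence of the account mattered; release the handle.
        de.Dispose();

        // One bind attempt per call: binding twice on success doubled the
        // authentication traffic for every login.
        return GetDirectoryEntry(sAMAccountName, password);
    }

    /// <summary>
    /// Verifies a user name and password by running a search bound with those credentials.
    /// </summary>
    /// <param name="sAMAccountName">Account to authenticate.</param>
    /// <param name="password">Password to verify.</param>
    /// <returns>
    /// The user's entry opened through <see cref="Directoryunits"/> (so it is not
    /// bound with the user's own credentials), or null when the credentials are
    /// empty, rejected, or the user is not found. The caller disposes it.
    /// </returns>
    public static DirectoryEntry GetDirectoryEntry(string sAMAccountName, string password)
    {
        // Reject empty credentials before binding: DirectoryEntry treats a
        // missing user name and password as "use the calling thread's identity",
        // and a directory server may accept an empty password as an
        // unauthenticated bind. Either would report success without proving
        // knowledge of the password.
        if (string.IsNullOrEmpty(sAMAccountName) || string.IsNullOrEmpty(password))
        {
            return null;
        }

        try
        {
            using (DirectoryEntry userde =
                new DirectoryEntry(usersLdapPath, sAMAccountName, password, AuthenticationTypes.Secure))
            {
                try
                {
                    // The bind happens when the search runs; bad credentials throw here.
                    SearchResult result = FindFirst(
                        userde,
                        "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                            + EscapeLdapFilterValue(sAMAccountName) + "))");
                    if (result == null)
                    {
                        return null;
                    }

                    return Directoryunits(result.Path);
                }
                catch (Exception ex)
                {
                    TraceLookupFailure("GetDirectoryEntry", ex);
                    return null;
                }
            }
        }
        catch (Exception ex)
        {
            // Same exception type as before for existing callers, with the cause kept.
            throw new Exception(ex.Message, ex);
        }
    }
}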