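/// <summary>
/// Active Directory lookup helpers: group membership, user details, account
/// status and a credential check, all built on System.DirectoryServices.
/// </summary>
/// <remarks>
/// Every value that reaches an LDAP search filter is passed through
/// <see cref="EscapeLdapFilterValue"/> so that caller-supplied text cannot add
/// wildcards or extra clauses to the filter.
/// </remarks>
public static class DomainInformation
{
    #region Constants
    // LDAP path of the default search root, read from the "LDAPConnectionString" app setting.
    // The original listing showed the form ldap://zzzzzz.com/OU=xxxxxx,DC=yyyyyy,DC=com (placeholder values).
    static string usersLdapPath = System.Configuration.ConfigurationManager.AppSettings["LDAPConnectionString"].ToString();

    // NOTE(review): an administrator account name and its password are compiled into
    // the assembly. Anyone who can read the source or the binary recovers them, and
    // every lookup made for a non-domain caller runs with administrator rights even
    // though this class only performs searches. A dedicated low-privilege service
    // account whose secret lives outside source control would be sufficient. The
    // values are left unchanged here because where to store them is deployment-specific.
    const string adLoginName = "zzzzzz.com\\administrator"; // administrator account
    // Equivalent spellings: @"zzzzzz.com\administrator" or "administrator@zzzzzz.com".
    const string adLoginPassword = "88888888";

    // Domain prefix of callers that bind with their own identity (format: zzzzzz\username).
    const string localDomainName = "zzzzzz";
    #endregion

    #region Private helpers
    /// <summary>
    /// Escapes a value for use inside an LDAP search filter (RFC 4515):
    /// backslash, asterisk, parentheses and NUL become \5c, \2a, \28, \29, \00.
    /// </summary>
    /// <param name="value">Raw value; null or empty yields an empty string.</param>
    /// <returns>The escaped value, safe to concatenate into a filter.</returns>
    private static string EscapeLdapFilterValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': escaped.Append("\\5c"); break;
                case '*': escaped.Append("\\2a"); break;
                case '(': escaped.Append("\\28"); break;
                case ')': escaped.Append("\\29"); break;
                case '\0': escaped.Append("\\00"); break;
                default: escaped.Append(c); break;
            }
        }
        return escaped.ToString();
    }

    /// <summary>
    /// Returns the value of the first RDN of a distinguished name,
    /// e.g. "CN=Name,OU=..." gives "Name" (three-character "CN=" prefix assumed).
    /// </summary>
    /// <remarks>
    /// NOTE(review): a comma escaped inside the first RDN ("CN=Doe\, John,...")
    /// is still treated as the end of the value, as in the original code.
    /// </remarks>
    private static string ExtractFirstRdnValue(string distinguishedName)
    {
        if (distinguishedName.Length < 3)
        {
            return distinguishedName;
        }

        int comma = distinguishedName.IndexOf(',');
        if (comma < 3)
        {
            // No separator after the prefix: take everything after "CN=".
            return distinguishedName.Substring(3);
        }
        return distinguishedName.Substring(3, comma - 3);
    }

    /// <summary>
    /// Converts a multi-valued DN attribute into an array of first-RDN values,
    /// leaving <paramref name="extraSlots"/> unfilled entries at the end.
    /// </summary>
    private static string[] ExtractFirstRdnValues(ResultPropertyValueCollection values, int extraSlots)
    {
        string[] names = new string[values.Count + extraSlots];
        for (int i = 0; i < values.Count; i++)
        {
            names[i] = ExtractFirstRdnValue(values[i].ToString());
        }
        return names;
    }

    /// <summary>Reads an attribute through InvokeGet; a null value becomes "".</summary>
    private static string ReadAttribute(DirectoryEntry entry, string attributeName)
    {
        object value = entry.InvokeGet(attributeName);
        return value == null ? "" : value.ToString();
    }

    /// <summary>
    /// Looks up the sAMAccountName of the first user whose cn matches.
    /// </summary>
    /// <param name="cn">Common name to look for.</param>
    /// <param name="exactMatch">true for cn=value, false for cn=*value*.</param>
    /// <returns>The login name, or null when nothing matches.</returns>
    private static string FindAccountNameByCn(string cn, bool exactMatch)
    {
        if (string.IsNullOrEmpty(cn))
        {
            return null;
        }

        string wildcard = exactMatch ? "" : "*";
        using (DirectoryEntry userContainerDE = Directoryunits(usersLdapPath))
        using (DirectorySearcher ds = new DirectorySearcher(userContainerDE))
        {
            ds.Filter = "(&(objectClass=user)(cn=" + wildcard + EscapeLdapFilterValue(cn) + wildcard + "))";
            ds.PropertiesToLoad.Add("sAMAccountName");
            SearchResult r = ds.FindOne();
            if (r == null)
            {
                return null;
            }
            using (DirectoryEntry userEntry = r.GetDirectoryEntry())
            {
                object accountName = userEntry.InvokeGet("sAMAccountName");
                return accountName == null ? null : accountName.ToString();
            }
        }
    }
    #endregion

    /// <summary>
    /// Gets the groups a user belongs to, searching under the given LDAP path.
    /// </summary>
    /// <remarks>
    /// Only the values of the user's memberOf attribute are read, so nested groups
    /// and the primary group are not expanded.
    /// </remarks>
    /// <param name="domainADsPath">LDAP path used as the search root.</param>
    /// <param name="username">sAMAccountName of the user.</param>
    /// <returns>Group names, or null when the user is unknown or has no groups.</returns>
    public static string[] GetGroupsForUser(string domainADsPath, string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directoryunits(domainADsPath))
        using (DirectorySearcher ds = new DirectorySearcher(usersDE))
        {
            ds.Filter = "(&(sAMAccountName=" + EscapeLdapFilterValue(username) + "))";
            ds.PropertiesToLoad.Add("memberof");
            SearchResult r = ds.FindOne();
            // FindOne returns null when no entry matches.
            if (r == null || r.Properties["memberof"].Count == 0)
            {
                return null;
            }
            return ExtractFirstRdnValues(r.Properties["memberof"], 0);
        }
    }

    /// <summary>
    /// Gets the groups a user belongs to under the default search root and
    /// appends the application-defined group "All".
    /// </summary>
    /// <param name="username">sAMAccountName of the user.</param>
    /// <returns>
    /// Group names followed by "All"; null when no matching account exists, so an
    /// unknown name is not granted the "All" group.
    /// </returns>
    public static string[] GetGroupsForUser(string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return null;
        }

        using (DirectoryEntry usersDE = DomainInformation.Directory())
        using (DirectorySearcher ds = new DirectorySearcher(usersDE))
        {
            ds.Filter = "(&(sAMAccountName=" + EscapeLdapFilterValue(username) + "))";
            ds.PropertiesToLoad.Add("memberof");
            SearchResult r = ds.FindOne();
            if (r == null || r.Properties["memberof"] == null)
            {
                return null;
            }

            string[] results = ExtractFirstRdnValues(r.Properties["memberof"], 1);
            // "All" is defined outside AD and applies to every user, so that
            // permissions can be assigned to everybody at once.
            results[results.Length - 1] = "All";
            return results;
        }
    }

    /// <summary>Gets the members of a group, searching under the given LDAP path.</summary>
    /// <param name="domainADsPath">LDAP path used as the search root.</param>
    /// <param name="Groupname">cn of the group.</param>
    /// <returns>Member names (first RDN of each member DN), or null when the group is not found.</returns>
    public static string[] GetUsersForGroup(string domainADsPath, string Groupname)
    {
        if (string.IsNullOrEmpty(Groupname))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directoryunits(domainADsPath))
        using (DirectorySearcher ds = new DirectorySearcher(usersDE))
        {
            ds.Filter = "(&(objectClass=group)(cn=" + EscapeLdapFilterValue(Groupname) + "))";
            ds.PropertiesToLoad.Add("member");
            SearchResult r = ds.FindOne();
            if (r == null || r.Properties["member"] == null)
            {
                return null;
            }
            return ExtractFirstRdnValues(r.Properties["member"], 0);
        }
    }

    /// <summary>Gets the display name of a user.</summary>
    /// <param name="username">sAMAccountName of the user.</param>
    /// <returns>The display name, or null when the user or the attribute is missing.</returns>
    public static string GetUserDisplayName(string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directory())
        using (DirectorySearcher ds = new DirectorySearcher(usersDE))
        {
            ds.Filter = "(&(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(username) + "))";
            ds.PropertiesToLoad.Add(UserProperty.DisplayName);
            SearchResult r = ds.FindOne();
            if (r == null)
            {
                return null;
            }
            using (DirectoryEntry userEntry = r.GetDirectoryEntry())
            {
                object displayName = userEntry.InvokeGet(UserProperty.DisplayName);
                return displayName == null ? null : displayName.ToString();
            }
        }
    }

    /// <summary>Gets the detailed directory record of a domain user.</summary>
    /// <param name="username">sAMAccountName of the user.</param>
    /// <returns>
    /// A populated <c>UserInfoEx</c> (missing attributes become ""), or null when
    /// no matching user exists.
    /// </returns>
    public static UserInfoEx GetUserInfoEx(string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return null;
        }

        using (DirectoryEntry usersDE = Directory())
        using (DirectorySearcher ds = new DirectorySearcher(usersDE))
        {
            // The original filter spelled the attribute "objectCatogery", which is
            // not the objectCategory attribute the other filters in this class use.
            ds.Filter = "(&(objectClass=user)(objectCategory=person)(sAMAccountName=" + EscapeLdapFilterValue(username) + "))";
            ds.PropertiesToLoad.AddRange(new string[]
            {
                "cn",
                UserProperty.Name,
                UserProperty.UserName,
                UserProperty.homePhone,
                UserProperty.FirstName,
                UserProperty.LastName,
                UserProperty.Email,
                UserProperty.Title,
                UserProperty.Company,
                UserProperty.Address,
                UserProperty.City,
                UserProperty.State,
                UserProperty.PostalCode,
                UserProperty.Phone,
                UserProperty.Country
            });

            SearchResult r = ds.FindOne();
            if (r == null)
            {
                return null;
            }

            // One DirectoryEntry for all reads; GetDirectoryEntry() creates a new
            // entry on every call and the original never released them.
            using (DirectoryEntry userEntry = r.GetDirectoryEntry())
            {
                UserInfoEx result = new UserInfoEx();
                result.Name = ReadAttribute(userEntry, UserProperty.Name);
                result.LoginName = ReadAttribute(userEntry, UserProperty.UserName);
                result.FirstName = ReadAttribute(userEntry, UserProperty.FirstName);
                result.homePhone = ReadAttribute(userEntry, UserProperty.homePhone);
                result.LastName = ReadAttribute(userEntry, UserProperty.LastName);
                result.EmailAddress = ReadAttribute(userEntry, UserProperty.Email);
                result.Title = ReadAttribute(userEntry, UserProperty.Title);
                result.Company = ReadAttribute(userEntry, UserProperty.Company);
                result.Address = ReadAttribute(userEntry, UserProperty.Address);
                result.City = ReadAttribute(userEntry, UserProperty.City);
                result.State = ReadAttribute(userEntry, UserProperty.State);
                result.PostalCode = ReadAttribute(userEntry, UserProperty.PostalCode);
                result.Phone = ReadAttribute(userEntry, UserProperty.Phone);
                result.Country = ReadAttribute(userEntry, UserProperty.Country);
                return result;
            }
        }
    }

    /// <summary>Gets the description of the first group whose CN starts with a prefix.</summary>
    /// <param name="prefix">Leading part of the group's CN.</param>
    /// <returns>The description, or null when no group matches or it has none.</returns>
    private static string GetAdGroupDescription(string prefix)
    {
        using (DirectoryEntry groupsDE = Directory())
        using (DirectorySearcher groupsDS = new DirectorySearcher(groupsDE))
        {
            // The trailing * is the intended prefix match; the prefix itself is escaped.
            groupsDS.Filter = "(&(objectClass=group)(CN=" + EscapeLdapFilterValue(prefix) + "*))";
            groupsDS.PropertiesToLoad.Add("cn");
            SearchResult sr = groupsDS.FindOne();
            if (sr == null)
            {
                return null;
            }
            using (DirectoryEntry groupEntry = sr.GetDirectoryEntry())
            {
                object description = groupEntry.InvokeGet("description");
                return description == null ? null : description.ToString();
            }
        }
    }

    /// <summary>
    /// Builds a table (URL, cn, Description) of every group under the default
    /// search root, sorted by description; a group without a description shows its cn.
    /// </summary>
    /// <returns>The table, or null when the search finds no group.</returns>
    private static DataTable GetAdGroupInfo()
    {
        DataTable dt = new DataTable();
        dt.Columns.Add("URL", typeof(System.String));
        dt.Columns.Add("cn", typeof(System.String));
        dt.Columns.Add("Description", typeof(System.String));

        using (DirectoryEntry groupsDE = Directory())
        using (DirectorySearcher searcher = new DirectorySearcher(groupsDE))
        {
            searcher.Filter = "(&(objectClass=group))";
            searcher.PropertiesToLoad.AddRange(new string[] { "cn", "description" });

            // The result collection holds unmanaged resources and must be disposed.
            using (SearchResultCollection results = searcher.FindAll())
            {
                if (results.Count == 0)
                {
                    return null;
                }

                foreach (SearchResult result in results)
                {
                    using (DirectoryEntry groupEntry = result.GetDirectoryEntry())
                    {
                        object cn = groupEntry.InvokeGet("cn");
                        object description = groupEntry.InvokeGet("Description");

                        DataRow dr = dt.NewRow();
                        dr[0] = result.Path.ToString();
                        dr[1] = cn.ToString();
                        dr[2] = description != null ? description.ToString() : cn.ToString();
                        dt.Rows.Add(dr);
                    }
                }
            }
        }

        dt.DefaultView.Sort = "description ASC";
        return dt;
    }

    /// <summary>Gets the login name (sAMAccountName) of a user by common name.</summary>
    /// <remarks>
    /// The match is a substring match (cn=*value*) and only the first hit is
    /// returned, so a short value can resolve to a different account than intended.
    /// </remarks>
    /// <param name="cn">Common name, or part of it.</param>
    /// <returns>The login name, or null when nothing matches.</returns>
    public static string getAccountName(string cn)
    {
        // usersLdapPath is a single path; the original iterated over it as if it
        // were the string[] shown in the commented-out declaration.
        return FindAccountNameByCn(cn, false);
    }

    /// <summary>Tells whether a user with this sAMAccountName exists in the directory.</summary>
    /// <param name="username">sAMAccountName to look for.</param>
    /// <returns>true when a matching user object is found.</returns>
    public static bool isAdUser(string username)
    {
        if (string.IsNullOrEmpty(username))
        {
            return false;
        }

        using (DirectoryEntry userContainerDE = Directory())
        using (DirectorySearcher ds = new DirectorySearcher(userContainerDE))
        {
            // Escaping matters here: an unescaped "*" would match any account.
            ds.Filter = "(&(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(username) + "))";
            ds.PropertiesToLoad.Add("cn");
            return ds.FindOne() != null;
        }
    }

    /// <summary>
    /// Builds a table (cn, sAMAccountName) of the enabled members of a group.
    /// </summary>
    /// <param name="groupname">cn of the group.</param>
    /// <returns>The table, or null when the group is missing or empty.</returns>
    public static DataTable adUserlist(string groupname)
    {
        DataTable dt = new DataTable();
        dt.Columns.Add("cn", typeof(System.String));
        dt.Columns.Add("sAMAccountName", typeof(System.String));

        string[] groupmember = GetUsersForGroup(usersLdapPath, groupname);
        if (groupmember == null || groupmember.Length == 0)
        {
            return null;
        }

        foreach (string member in groupmember)
        {
            // Exact cn match: a substring match could bind the row to another account.
            string accountName = FindAccountNameByCn(member, true);
            if (accountName == null)
            {
                continue;
            }

            // getAccountControl reports 0 when the lookup fails, and 0 has no
            // "disabled" bit set; treat it as unknown instead of as active.
            int accountControl = getAccountControl(accountName);
            if (accountControl == 0 || !IsAccountActive(accountControl))
            {
                continue;
            }

            DataRow dr = dt.NewRow();
            dr[0] = member;
            dr[1] = accountName;
            dt.Rows.Add(dr);
        }
        return dt;
    }

    /// <summary>Fills a list box with the enabled members of a group.</summary>
    /// <param name="results">List box to fill; it is cleared first.</param>
    /// <param name="groupName">cn of the group.</param>
    public static void adUserlistbox(ListBox results, string groupName)
    {
        results.Items.Clear();
        DataTable dt = adUserlist(groupName);
        if (dt == null)
        {
            return;
        }

        results.DataSource = dt;
        results.DataTextField = dt.Columns[0].Caption;
        results.DataValueField = dt.Columns[1].Caption;
        results.DataBind();
    }

    /// <summary>Fills a list box with all groups plus the application-defined "All" group.</summary>
    /// <param name="results">List box to fill; it is cleared first and stays empty when no group is found.</param>
    public static void adGrouplistbox(ListBox results)
    {
        results.Items.Clear();
        DataTable dt = GetAdGroupInfo();
        if (dt == null)
        {
            // GetAdGroupInfo returns null when the directory search finds no group.
            return;
        }

        DataRow dr = dt.NewRow();
        dr[1] = "All";
        dr[2] = "All";
        dt.Rows.Add(dr);

        results.DataSource = dt;
        results.DataTextField = dt.Columns[2].Caption;
        results.DataValueField = dt.Columns[1].Caption;
        results.DataBind();
    }

    /// <summary>Fills a drop-down list with all groups.</summary>
    /// <param name="results">Drop-down list to fill; it is cleared first and stays empty when no group is found.</param>
    public static void aduserGrouplist(DropDownList results)
    {
        results.Items.Clear();
        DataTable dt = GetAdGroupInfo();
        if (dt == null)
        {
            return;
        }

        results.DataSource = dt;
        results.DataTextField = dt.Columns[2].Caption;
        results.DataValueField = dt.Columns[1].Caption;
        results.DataBind();
    }

    /// <summary>Opens a directory entry on the default search root.</summary>
    /// <returns>A new entry; the caller is responsible for closing it.</returns>
    public static DirectoryEntry Directory()
    {
        return Directoryunits(usersLdapPath);
    }

    /// <summary>
    /// Opens a directory entry on the given LDAP path. A caller whose account name
    /// carries the local domain prefix binds with its own identity; any other caller
    /// binds with the built-in account from the constants above.
    /// </summary>
    /// <param name="ldappath">LDAP path to open.</param>
    /// <returns>A new entry; the caller is responsible for closing it.</returns>
    public static DirectoryEntry Directoryunits(string ldappath)
    {
        string accountName = UserProperty.getAccountName().ToString();
        // As in the original, an account name without a backslash makes Substring
        // throw, so no entry (and no built-in-account bind) is produced for it.
        string domainPart = accountName.Substring(0, accountName.IndexOf('\\')).Trim();

        // Ordinal comparison: a domain name is an identifier, not linguistic text.
        if (!string.Equals(domainPart, localDomainName, StringComparison.OrdinalIgnoreCase))
        {
            return new DirectoryEntry(ldappath, adLoginName, adLoginPassword);
        }
        return new DirectoryEntry(ldappath);
    }

    /// <summary>Gets the userAccountControl flags of an account.</summary>
    /// <remarks>
    /// 0 is returned both for "not found" and for any error during the search.
    /// <see cref="IsAccountActive"/> reports 0 as active, so callers making an access
    /// decision should check for 0 first.
    /// </remarks>
    /// <param name="accountName">sAMAccountName of the account.</param>
    /// <returns>The flag value, or 0 when it cannot be read.</returns>
    public static int getAccountControl(string accountName)
    {
        if (string.IsNullOrEmpty(accountName))
        {
            return 0;
        }

        using (DirectoryEntry userContainerDE = Directory())
        using (DirectorySearcher ds = new DirectorySearcher(userContainerDE))
        {
            ds.Filter = "(&(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(accountName) + "))";
            ds.PropertiesToLoad.Add("userAccountControl");
            try
            {
                SearchResult r = ds.FindOne();
                if (r == null)
                {
                    return 0;
                }
                using (DirectoryEntry userEntry = r.GetDirectoryEntry())
                {
                    return Convert.ToInt32(userEntry.InvokeGet("userAccountControl"));
                }
            }
            catch
            {
                // Best effort, as in the original: any failure is reported as 0.
                return 0;
            }
        }
    }

    /// <summary>Tells whether the "account disabled" bit is clear in a userAccountControl value.</summary>
    /// <param name="userAccountControl">Flag value as returned by <see cref="getAccountControl"/>.</param>
    /// <returns>false when the ADS_UF_ACCOUNTDISABLE bit (0x0002) is set, otherwise true.</returns>
    public static bool IsAccountActive(int userAccountControl)
    {
        const int ADS_UF_ACCOUNTDISABLE = 0x0002;
        return (userAccountControl & ADS_UF_ACCOUNTDISABLE) == 0;
    }

    /// <summary>Finds a user by login name and opens a directory entry on it.</summary>
    /// <param name="sAMAccountName">Login name of the user.</param>
    /// <returns>A new entry on the user's path, or null when the user is not found or the search fails.</returns>
    public static DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName)
    {
        if (string.IsNullOrEmpty(sAMAccountName))
        {
            return null;
        }

        using (DirectoryEntry de = Directory())
        using (DirectorySearcher deSearch = new DirectorySearcher(de))
        {
            deSearch.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(sAMAccountName) + "))";
            try
            {
                SearchResult result = deSearch.FindOne();
                if (result == null)
                {
                    return null;
                }
                return Directoryunits(result.Path);
            }
            catch
            {
                return null;
            }
        }
    }

    /// <summary>
    /// Checks that the account exists and that the password is accepted, then
    /// returns a directory entry on the user.
    /// </summary>
    /// <param name="sAMAccountName">Login name of the user.</param>
    /// <param name="password">Password to verify.</param>
    /// <returns>An entry on the user's path, or null when either check fails.</returns>
    public static DirectoryEntry GetDirectoryEntryByAccount(string sAMAccountName, string password)
    {
        DirectoryEntry existing = GetDirectoryEntryByAccount(sAMAccountName);
        if (existing == null)
        {
            return null;
        }
        // Only needed as an existence check; release it instead of leaking it.
        existing.Close();

        // Bind once; the original bound twice with the same credentials.
        return GetDirectoryEntry(sAMAccountName, password);
    }

    /// <summary>
    /// Verifies a user name and password by binding to the directory with them and
    /// searching for the user's own entry.
    /// </summary>
    /// <remarks>
    /// The entry that is returned comes from <see cref="Directoryunits"/>, so it is
    /// bound with the caller's identity or the built-in account, not with the
    /// credentials that were verified. A null result does not distinguish a wrong
    /// password from a directory failure.
    /// </remarks>
    /// <param name="sAMAccountName">Login name of the user.</param>
    /// <param name="password">Password to verify.</param>
    /// <returns>An entry on the user's path, or null when verification fails.</returns>
    public static DirectoryEntry GetDirectoryEntry(string sAMAccountName, string password)
    {
        // A missing name or password must never count as proof of identity:
        // DirectoryEntry falls back to the calling thread's credentials when both
        // are null, and a server may accept an empty password as an anonymous bind.
        if (string.IsNullOrEmpty(sAMAccountName) || string.IsNullOrEmpty(password))
        {
            return null;
        }

        try
        {
            using (DirectoryEntry userde = new DirectoryEntry(usersLdapPath, sAMAccountName, password, AuthenticationTypes.Secure))
            using (DirectorySearcher deSearch = new DirectorySearcher(userde))
            {
                deSearch.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + EscapeLdapFilterValue(sAMAccountName) + "))";
                try
                {
                    // The bind happens here; rejected credentials surface as an exception.
                    SearchResult result = deSearch.FindOne();
                    if (result == null)
                    {
                        return null;
                    }
                    return Directoryunits(result.Path);
                }
                catch
                {
                    return null;
                }
            }
        }
        catch (Exception ex)
        {
            // Same exception type and message as before, with the cause preserved.
            throw new Exception(ex.Message, ex);
        }
    }
}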