Active Directory Get User's groups using LDAP

zoukankan html css js c++ java

Active Directory Get User's groups using LDAP

通过LDAP查找AD User所属的ADGroupy

  1         /// <summary>

2         /// 获得用户所属组的SID
3         /// </summary>
4         /// <code>Comes From http://netwenchao.cnblogs.com</code>
5         /// <returns></returns>
6         public static IEnumerable<string> GetGroupSidsOfUser(string userLoginName, ADOperator operater)
7         {
8             using (DirectorySearcher directorySearcher = new DirectorySearcher(
9                 new DirectoryEntry(string.Format("LDAP://{0}", operater.ManageDomainName), operater.UserLogonName, operater.Password, AuthenticationTypes.Secure),
10                 string.Format("(&(objectcategory=user)(samaccountname={0}))", GetUserName(userLoginName)),
11                 new string[] { ADUserAttributes.SamAccountName }))
12             {
13                 var result = directorySearcher.FindOne();
14                 if (result != null)
15                 {
16                     DirectoryEntry directoryEntry = result.GetDirectoryEntry();
17                     directoryEntry.RefreshCache(new string[] { ADUserAttributes.TokenGroupsGlobalAndUniversal });
18                     for (int index = 0; index < directoryEntry.Properties[ADUserAttributes.TokenGroupsGlobalAndUniversal].Count; index++)
19                     {
20                         yield return ConvertBinarySidToString((byte[])directoryEntry.Properties[ADUserAttributes.TokenGroupsGlobalAndUniversal][index]);
21                     }
22                 }
23             }
24             yield break;
25         }
26
27         /// <summary>
28         /// 获得用户所属组的AccountName
29         /// </summary>
30         /// <param name="userLoginName"></param>
31         /// <param name="operater"></param>
32         /// <code>Comes From http://netwenchao.cnblogs.com</code>
33         /// <returns></returns>
34         public static IEnumerable<string> GetGroupsOfUser(string userLoginName, ADOperator operater)
35         {
36             using (DirectorySearcher directorySearcher = new DirectorySearcher(
37                 new DirectoryEntry(string.Format("LDAP://{0}", operater.ManageDomainName), operater.UserLogonName, operater.Password, AuthenticationTypes.Secure),
38                 "",
39                 new string[] { ADUserAttributes.SamAccountName }))
40             {
41                 IList<string> groups = new List<string>();
42                 SearchResult sr = null;
43                 var sids = GetGroupSidsOfUser(userLoginName, operater);
44                 if (!sids.Any()) return null;
45                 foreach (var sid in sids)
46                 {
47                     directorySearcher.Filter = string.Format("objectsid={0}", sid);
48                     sr = directorySearcher.FindOne();
49                     if (null != sr && sr.Properties[ADUserAttributes.SamAccountName].Count > 0) groups.Add(sr.Properties[ADUserAttributes.SamAccountName][0].ToString());
50                 }
51                 return groups;
52             }
53         }

Comes From http://netwenchao.cnblogs.com

查看全文

相关阅读:
攻防世界web新手区前六关
 JS-数组基础知识3
CSRF攻击的原理和spring security对CSRF攻击的解决方法
 Java开发微信公众号
 内部类
 Java Web整合开发(30) -- Spring的ORM模块
 win10安装mysql
jquery 事件冒泡的介绍以及如何阻止事件冒泡
 jquery中attr和prop的区别介绍
 jQuery 层次选择器

原文地址：https://www.cnblogs.com/netwenchao/p/2518229.html