  • Active Directory Get User's groups using LDAP

    通过LDAP查找AD User所属的AD Group

      1         /// <summary>

     2         /// 获得用户所属组的SID
     3         /// </summary>
     4         /// <code>Comes From http://netwenchao.cnblogs.com</code>
     5         /// <returns></returns>
     6         public static IEnumerable<string> GetGroupSidsOfUser(string userLoginName, ADOperator operater)
     7         {
     8             using (DirectorySearcher directorySearcher = new DirectorySearcher(
     9                 new DirectoryEntry(string.Format("LDAP://{0}", operater.ManageDomainName), operater.UserLogonName, operater.Password, AuthenticationTypes.Secure),
    10                 string.Format("(&(objectcategory=user)(samaccountname={0}))", GetUserName(userLoginName)),
    11                 new string[] { ADUserAttributes.SamAccountName }))
    12             {
    13                 var result = directorySearcher.FindOne();
    14                 if (result != null)
    15                 {
    16                     DirectoryEntry directoryEntry = result.GetDirectoryEntry();
    17                     directoryEntry.RefreshCache(new string[] { ADUserAttributes.TokenGroupsGlobalAndUniversal });
    18                     for (int index = 0; index < directoryEntry.Properties[ADUserAttributes.TokenGroupsGlobalAndUniversal].Count; index++)
    19                     {
    20                         yield return ConvertBinarySidToString((byte[])directoryEntry.Properties[ADUserAttributes.TokenGroupsGlobalAndUniversal][index]);
    21                     }
    22                 }
    23             }
    24             yield break;
    25         }
    26 
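    /// <summary>
    /// Gets the account names of the groups the given user belongs to, by resolving each
    /// group SID returned by <c>GetGroupSidsOfUser</c> to the attribute named by
    /// <c>ADUserAttributes.SamAccountName</c>.
    /// </summary>
    /// <param name="userLoginName">Login name of the user whose groups are wanted.</param>
    /// <param name="operater">Supplies the domain name and the credentials used for the bind.</param>
    /// <code>Comes From http://netwenchao.cnblogs.com</code>
    /// <returns>
    /// The group account names, one per SID that resolved to an object with an account name;
    /// <c>null</c> (not an empty sequence) when no group SIDs were found, so callers must null-check.
    /// </returns>
    public static IEnumerable<string> GetGroupsOfUser(string userLoginName, ADOperator operater)
    {
        // Materialize once: GetGroupSidsOfUser is a lazy iterator, and every enumeration
        // repeats its directory bind and search. Any() followed by foreach would run it twice.
        List<string> sids = GetGroupSidsOfUser(userLoginName, operater).ToList();
        if (sids.Count == 0)
        {
            return null;
        }

        // DirectorySearcher does not dispose a search root handed to it by the caller,
        // so the root entry gets its own using block.
        // AuthenticationTypes.Secure requests negotiated authentication only; it does not by
        // itself request signing or sealing of the LDAP traffic.
        using (DirectoryEntry searchRoot = new DirectoryEntry(
            string.Format("LDAP://{0}", operater.ManageDomainName),
            operater.UserLogonName,
            operater.Password,
            AuthenticationTypes.Secure))
        using (DirectorySearcher directorySearcher = new DirectorySearcher(
            searchRoot,
            "",
            new string[] { ADUserAttributes.SamAccountName }))
        {
            IList<string> groups = new List<string>();
            foreach (string sid in sids)
            {
                // The SID strings are produced by ConvertBinarySidToString rather than taken
                // from the caller. The filter is written in the parenthesized form that
                // DirectorySearcher.Filter documents.
                directorySearcher.Filter = string.Format("(objectsid={0})", sid);
                SearchResult sr = directorySearcher.FindOne();
                if (sr != null && sr.Properties[ADUserAttributes.SamAccountName].Count > 0)
                {
                    groups.Add(sr.Properties[ADUserAttributes.SamAccountName][0].ToString());
                }
            }

            return groups;
        }
    }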

    Comes From http://netwenchao.cnblogs.com

  • 原文地址:https://www.cnblogs.com/netwenchao/p/2518229.html