  • Simple Active Directory operations with C# 2.0

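    System.DirectoryServices.Protocols.dll is an assembly newly added in .NET 2.0 for working with directory service access protocols; it contains a single namespace, System.DirectoryServices.Protocols. The namespace mainly provides a set of classes that implement two international standard protocols, LDAP and DSML. With these classes, directory operations and management become straightforward, in much the same way that ADO.NET makes database access convenient.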

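    The main classes in the System.DirectoryServices.Protocols namespace are: LdapConnection (the directory connection class for LDAP, responsible for creating an LDAP connection and binding to the LDAP server), DsmlSoapHttpConnection (the directory connection class for DSML, responsible for creating a DSML connection and binding to the DSML server), AddRequest/AddResponse, ModifyRequest/ModifyResponse, ModifyDNRequest/ModifyDNResponse, CompareRequest/CompareResponse, SearchRequest/SearchResponse, DeleteRequest/DeleteResponse, and DsmlRequestDocument/DsmlResponseDocument. The figure below shows how these classes relate to one another in practice: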


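    Once a connection to the LDAP or DSML server has been established and bound with LdapConnection or DsmlSoapHttpConnection, you create the appropriate operation request (for example an AddRequest to add a new object) and send it to the server with the connection object's SendRequest method. The server processes the request and returns a response to the client. Note that for DSML requests, you can also use DsmlRequestDocument to combine any number of AddRequest, ModifyRequest, ModifyDNRequest, CompareRequest, SearchRequest and DeleteRequest objects and send them to the DSML server together for processing.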

    Using LdapConnection

    1. Create an LDAP connection and bind:

      NetworkCredential credential = new NetworkCredential("Administrator", "password");

      LdapConnection ldapConnection = new LdapConnection("192.168.0.6");
      ldapConnection.Credential = credential;
      ldapConnection.Bind();

    2. Create a request that adds an OU named MyOU. Once created, MyOU has the DN OU=MyOU,DC=mydomain,DC=local:

      string targetDN = "DC=mydomain,DC=local";

      // Add an organizational unit named MyOU
      string ou = "OU=MyOU," + targetDN;
      string objectClass = "organizationalUnit";

      AddRequest addRequest = new AddRequest(ou, objectClass);

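    3. Send the request to the server for processing:

      ldapConnection.SendRequest(addRequest);

      If SendRequest() returns without throwing an exception, MyOU has been added successfully. If you also need to process the response returned by SendRequest(), you can write something like the following, which prints the result code "Success" to the screen: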

      AddResponse addResponse = (AddResponse)ldapConnection.SendRequest(addRequest);

      Console.WriteLine(addResponse.ResultCode.ToString());

    That completes the handling of one LDAP request. The complete code for the steps above is:

    using System;
    using System.Net;
    using System.DirectoryServices;
    using System.DirectoryServices.Protocols;

    class Program
    {
        static void Main()
        {
            NetworkCredential credential = new NetworkCredential("Administrator", "password");

            // Connect to the directory server and bind with the credential
            LdapConnection ldapConnection = new LdapConnection("192.168.0.6");
            ldapConnection.Credential = credential;
            ldapConnection.Bind();

            string targetDN = "DC=mydomain,DC=local";

            // Add an OU named MyOU
            string ou = "OU=MyOU," + targetDN;
            string objectClass = "organizationalUnit";

            AddRequest addRequest = new AddRequest(ou, objectClass);
            AddResponse addResponse = (AddResponse)ldapConnection.SendRequest(addRequest);

            Console.WriteLine(addResponse.ResultCode.ToString());
        }
    }

    As with the add operation above, you can use DeleteRequest to delete, ModifyDNRequest to rename or move, ModifyRequest to modify object attributes, SearchRequest to search, and CompareRequest to verify by comparison.
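
    The listing above hard-codes the Administrator password, connects on the default LDAP port without TLS, and does not handle failures. The following C# sketch is an added example, not code from the original article: it reads the credentials from environment variables, binds over LDAPS (port 636), and reports server-side rejections and transport errors separately. The host name dc01.mydomain.local and the variables LDAP_USER and LDAP_PASSWORD are assumptions.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;

static class SecureLdapAdd
{
    static int Main()
    {
        // Assumed names: LDAP_USER / LDAP_PASSWORD and the host are placeholders.
        string user = Environment.GetEnvironmentVariable("LDAP_USER");
        string password = Environment.GetEnvironmentVariable("LDAP_PASSWORD");
        if (string.IsNullOrEmpty(user) || string.IsNullOrEmpty(password))
        {
            Console.Error.WriteLine("LDAP_USER and LDAP_PASSWORD must be set.");
            return 2;
        }

        // Use the DC's DNS name so it can match the server certificate; 636 is LDAPS.
        LdapDirectoryIdentifier server = new LdapDirectoryIdentifier("dc01.mydomain.local", 636);
        NetworkCredential credential = new NetworkCredential(user, password);
        using (LdapConnection connection = new LdapConnection(server, credential, AuthType.Negotiate))
        {
            connection.SessionOptions.ProtocolVersion = 3;
            connection.SessionOptions.SecureSocketLayer = true; // TLS for the whole session
            try
            {
                connection.Bind();
                AddRequest add = new AddRequest("OU=MyOU,DC=mydomain,DC=local", "organizationalUnit");
                AddResponse response = (AddResponse)connection.SendRequest(add);
                Console.WriteLine("Add: " + response.ResultCode);
                return 0;
            }
            catch (DirectoryOperationException ex)
            {
                // SendRequest throws when the server returns a non-success result code.
                if (ex.Response.ResultCode == ResultCode.EntryAlreadyExists) return 0;
                Console.Error.WriteLine("Add rejected: " + ex.Response.ResultCode);
                return 1;
            }
            catch (LdapException ex)
            {
                // Bind failures (bad credentials), TLS and connectivity problems land here.
                Console.Error.WriteLine("LDAP error " + ex.ErrorCode + ": " + ex.Message);
                return 1;
            }
        }
    }
}
```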

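    Using DsmlSoapHttpConnection

    1. DSML for Windows can be downloaded from http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/dsml.asp. Put simply, DSML is a technology for reading, writing and otherwise operating on Active Directory over standard HTTP/SOAP/XML. After installing DSML for Windows, you also need to run "Configuring DSML Services" in the "Microsoft DSML" program group. It consists of three steps that are easy to understand and carry out, so they are omitted here. Note, however, that if you do not need to connect to the server over SSL, you must clear "Require SSL to connect to DSML server" in Step 1. In addition, if you need permissions beyond reading, such as write access, you must also clear "Make DSML Server readonly" in Step 2.
    2. Create the DsmlSoapHttpConnection: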

      NetworkCredential credential = new NetworkCredential("Administrator", "password");

      Uri dsmlServerUri = new Uri("http://192.168.0.6/dsml/adssoap.dsmlx");
      DsmlSoapHttpConnection dsmlSoapHttpConnection = new DsmlSoapHttpConnection(dsmlServerUri);
      dsmlSoapHttpConnection.Credential = credential;

    3. Create a request that adds an OU named MyOU. Once created, MyOU has the DN OU=MyOU,DC=mydomain,DC=local. As you can see, this part is identical to the LDAP case!

      string targetDN = "DC=mydomain,DC=local";

      // Add an OU named MyOU
      string ou = "OU=MyOU," + targetDN;
      string objectClass = "organizationalUnit";

      AddRequest addRequest = new AddRequest(ou, objectClass);

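    4. Send the request to the server for processing:

      DsmlResponseDocument dsmlResponseDocument = dsmlSoapHttpConnection.SendRequest(addRequest);

      Console.WriteLine(dsmlResponseDocument[0].ResultCode.ToString());

      As you can see, a DsmlResponseDocument can contain multiple responses, so you need to specify an index to get the result code of a particular one.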

    That completes the handling of one DSML request. The complete code for the steps above is:

    using System;
    using System.Net;
    using System.DirectoryServices;
    using System.DirectoryServices.Protocols;

    class Program
    {
        static void Main()
        {
            NetworkCredential credential = new NetworkCredential("Administrator", "password");

            // Point the connection at the DSML endpoint and attach the credential
            Uri dsmlServerUri = new Uri("http://192.168.0.6/dsml/adssoap.dsmlx");
            DsmlSoapHttpConnection dsmlSoapHttpConnection = new DsmlSoapHttpConnection(dsmlServerUri);
            dsmlSoapHttpConnection.Credential = credential;

            string targetDN = "DC=mydomain,DC=local";

            // Add an OU named MyOU
            string ou = "OU=MyOU," + targetDN;
            string objectClass = "organizationalUnit";

            AddRequest addRequest = new AddRequest(ou, objectClass);
            DsmlResponseDocument dsmlResponseDocument = dsmlSoapHttpConnection.SendRequest(addRequest);

            // The response document is a collection; index 0 is the reply to the single request
            Console.WriteLine(dsmlResponseDocument[0].ResultCode.ToString());
        }
    }

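    In addition, when several DSML operation requests are to be sent together, you can create a DsmlRequestDocument object to hold the individual requests, as in the following code: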

    using System;
    using System.Net;
    using System.DirectoryServices;
    using System.DirectoryServices.Protocols;

    class Program
    {
        static void Main()
        {
            NetworkCredential credential = new NetworkCredential("Administrator", "password");

            Uri dsmlServerUri = new Uri("http://192.168.0.6/dsml/adssoap.dsmlx");
            DsmlSoapHttpConnection dsmlSoapHttpConnection = new DsmlSoapHttpConnection(dsmlServerUri);
            dsmlSoapHttpConnection.Credential = credential;

            string targetDN = "DC=mydomain,DC=local";

            string ou = "OU=MyOU," + targetDN;
            string objectClass = "organizationalUnit";

            // Container for the requests that are sent as one batch
            DsmlRequestDocument batchRequest = new DsmlRequestDocument();

            AddRequest addRequest;
            ModifyRequest modifyRequest;

            addRequest = new AddRequest(ou, objectClass);
            addRequest.RequestId = "Add1";
            batchRequest.Add(addRequest);

            // Constructor order is (DN, operation, attribute name, values)
            modifyRequest = new ModifyRequest(ou, DirectoryAttributeOperation.Replace, "description", "This is description of MyOU");
            modifyRequest.RequestId = "Modify1";
            batchRequest.Add(modifyRequest);

            DsmlResponseDocument batchResponse = dsmlSoapHttpConnection.SendRequest(batchRequest);

            // One response per processed request, matched by RequestId
            foreach (DirectoryResponse response in batchResponse)
            {
                Console.WriteLine(response.GetType().Name + ": \tId=" + response.RequestId + ",\tResultCode=" + response.ResultCode);
            }
        }
    }
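
    The batch above is sent to an http:// endpoint, so the SOAP requests and responses cross the network unencrypted, and its result codes are printed without being checked. The following C# sketch is an added example, not code from the original article: it sends the same two requests over https://, states explicitly that they are processed in order and stop at the first error, and signals failure if any response is not Success or is missing. The host name dc01.mydomain.local and the variables DSML_USER and DSML_PASSWORD are assumptions.

```csharp
using System;
using System.DirectoryServices.Protocols;
using System.Net;

static class DsmlBatchCheck
{
    static int Main()
    {
        // Assumed names: DSML_USER / DSML_PASSWORD and the host are placeholders.
        NetworkCredential credential = new NetworkCredential(
            Environment.GetEnvironmentVariable("DSML_USER"),
            Environment.GetEnvironmentVariable("DSML_PASSWORD"));

        // https:// requires "Require SSL to connect to DSML server" to stay enabled.
        Uri endpoint = new Uri("https://dc01.mydomain.local/dsml/adssoap.dsmlx");
        DsmlSoapHttpConnection connection = new DsmlSoapHttpConnection(endpoint);
        connection.Credential = credential;

        string ou = "OU=MyOU,DC=mydomain,DC=local";
        DsmlRequestDocument batch = new DsmlRequestDocument();
        // The modify depends on the add: process in order, stop at the first error.
        batch.DocumentProcessing = DsmlDocumentProcessing.Sequential;
        batch.ErrorProcessing = DsmlErrorProcessing.Exit;

        AddRequest add = new AddRequest(ou, "organizationalUnit");
        add.RequestId = "Add1";
        batch.Add(add);

        ModifyRequest modify = new ModifyRequest(ou, DirectoryAttributeOperation.Replace,
            "description", "This is description of MyOU");
        modify.RequestId = "Modify1";
        batch.Add(modify);

        DsmlResponseDocument responses = connection.SendRequest(batch);

        bool failed = responses.IsErrorResponse || responses.IsOperationError;
        foreach (DirectoryResponse response in responses)
        {
            if (response.ResultCode != ResultCode.Success) failed = true;
            Console.WriteLine(response.RequestId + ": " + response.ResultCode);
        }
        // Fewer responses than requests means a later request was not reported on.
        if (responses.Count < batch.Count) failed = true;
        return failed ? 1 : 0;
    }
}
```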

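    How does that feel? Much more comfortable, I expect; after all, this style of programming logic could hardly be more familiar to us. In addition, for directory work, .NET 2.0 also adds a new namespace, System.DirectoryServices.ActiveDirectory, to the System.DirectoryServices.dll assembly. As the name suggests, this namespace provides more complete handling of Active Directory, such as operations on forests, domain trees, domains, domain controllers, directory replication, the Active Directory schema and domain trusts, letting you work with Active Directory as fully as possible in purely managed code.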

  • Original article: https://www.cnblogs.com/tommyli/p/708326.html