SID

SID

关注
发信
关注(28)粉丝(399)

如何找到属于一组用户的AD,和刚刚获得他们的SAM帐户名和SID?

本文介绍了如何找到属于一组用户的AD,和刚刚获得他们的SAM帐户名和SID?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我只是希望用户能够在一组的名称在文本框中输入,并返回只是他们的登录名和他们的SID。

到目前为止,我都这样了,加载的用户组中,但即时通讯不能确定如何提取的登录名和SID。

 信息搜索结果的结果;
            DirectorySearcher从搜索=新DirectorySearcher从();
            sea​​rch.Filter =的String.Format((CN = {0}),txtGroup.Text);
            sea​​rch.PropertiesToLoad.Add(会员);
            sea​​rch.PropertiesToLoad.Add(CN);
            sea​​rch.PropertiesToLoad.Add(的objectGUID);
            结果= search.FindOne();


            StringBuilder的用户名=新的StringBuilder();
            如果(结果!= NULL)
            {
                对于(INT计数器= 0;反<
                result.Properties [成员]计数。计数器++)
                {
                    字符串用户=(字符串)result.Properties [成员] [计数器]
                    userNames.AppendLine(用户);

                }
            }
            lblResults.Text = userNames.ToString();

解决方案

该propertie至极包含SID叫做的objectSID 和propertie至极含有次登录时 sAMAccountName赋的NT4兼容的版本和的UserPrincipalName 。你最好用@Virkkunen咨询工作。

 静态无效的主要(字串[] args)
{
  / *连接到Active Directory
   * /
  的DirectoryEntry贬低=新的DirectoryEntry(LDAP://192.168.183.138:389 / DC =兴业,DC = FR,administrateur,PWD);

  / *目录搜索
   * /
  DirectorySearcher从dsLookForGrp =新DirectorySearcher从(贬低);
  dsLookForGrp.Filter =的String.Format((CN = {0}),yourgroup);
  dsLookForGrp.SearchScope = SearchScope.Subtree;
  dsLookForGrp.PropertiesToLoad.Add(的distinguishedName);
  信息搜索结果srcGrp = dsLookForGrp.FindOne();

  / *目录搜索
   * /
  DirectorySearcher从dsLookForUsers =新DirectorySearcher从(贬低);
  dsLookForUsers.Filter =的String.Format((及(objectCategory属性=人)(的memberOf = {0})),srcGrp.Properties [的distinguishedName] [0]);
  dsLookForUsers.SearchScope = SearchScope.Subtree;
  dsLookForUsers.PropertiesToLoad.Add(的objectSID);
  dsLookForUsers.PropertiesToLoad.Add(的UserPrincipalName);
  dsLookForUsers.PropertiesToLoad.Add(sAMAccountName赋);
  SearchResultCollection srcLstUsers = dsLookForUsers.FindAll();

  的foreach(在srcLstUsers信息搜索结果sruser)
  {
    Console.WriteLine({0},sruser.Path);

    的SecurityIdentifier SID =新的SecurityIdentifier((字节[])sruser.Properties [的objectSID] [0],0);
    Console.WriteLine(sid.ToString());

    的foreach(在sruser.Properties.PropertyNames字符串属性)
    {
      Console.WriteLine(\ t {0} {1},财产,sruser.Properties [属性] [0]);
    }
  }
}

I just want a user to be able to type in a group name in a textbox, and return just their login name and their SID.

So far i have this, and that loads the users in the group but im unsure how to extract the login and SID.

 SearchResult result;
            DirectorySearcher search = new DirectorySearcher();
            search.Filter = String.Format("(cn={0})", txtGroup.Text);
            search.PropertiesToLoad.Add("member");
            search.PropertiesToLoad.Add("cn");
            search.PropertiesToLoad.Add("objectGUID");
            result = search.FindOne();


            StringBuilder userNames = new StringBuilder();
            if (result != null)
            {
                for (int counter = 0; counter <
                result.Properties["member"].Count; counter++)
                {
                    string user = (string)result.Properties["member"][counter];
                    userNames.AppendLine(user);

                }
            }
            lblResults.Text = userNames.ToString();
解决方案

The propertie wich contains SID is called objectSid, and the propertie wich contain th login is sAMAccountName for the NT4 compatible version and userPrincipalName. You'd better work with @Virkkunen advice.

static void Main(string[] args)
{
  /* Connection to Active Directory
   */
  DirectoryEntry deBase = new DirectoryEntry("LDAP://192.168.183.138:389/dc=societe,dc=fr", "administrateur", "pwd");

  /* Directory Search
   */
  DirectorySearcher dsLookForGrp = new DirectorySearcher(deBase);
  dsLookForGrp.Filter = String.Format("(cn={0})", "yourgroup");
  dsLookForGrp.SearchScope = SearchScope.Subtree;
  dsLookForGrp.PropertiesToLoad.Add("distinguishedName");
  SearchResult srcGrp = dsLookForGrp.FindOne();

  /* Directory Search
   */
  DirectorySearcher dsLookForUsers = new DirectorySearcher(deBase);
  dsLookForUsers.Filter = String.Format("(&(objectCategory=person)(memberOf={0}))", srcGrp.Properties["distinguishedName"][0]);
  dsLookForUsers.SearchScope = SearchScope.Subtree;
  dsLookForUsers.PropertiesToLoad.Add("objectSid");
  dsLookForUsers.PropertiesToLoad.Add("userPrincipalName  ");
  dsLookForUsers.PropertiesToLoad.Add("sAMAccountName");
  SearchResultCollection srcLstUsers = dsLookForUsers.FindAll();

  foreach (SearchResult sruser in srcLstUsers)
  {
    Console.WriteLine("{0}", sruser.Path);

    SecurityIdentifier sid = new SecurityIdentifier((byte[])   sruser.Properties["objectSid"][0], 0);
    Console.WriteLine(sid.ToString());    

    foreach (string property in sruser.Properties.PropertyNames)
    {
      Console.WriteLine("\t{0} : {1} ", property, sruser.Properties[property][0]);
    }
  }
}

这篇关于如何找到属于一组用户的AD,和刚刚获得他们的SAM帐户名和SID?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

10-11 06:18
Powered by LMLPHP ©2024 SID 0.004833