AD:区分用户和计算机 | 区分用户和计算机

本文介绍了AD:区分用户和计算机的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

大家好，

我有一段代码可以从Active Directory返回特定用户/计算机的所有信息/属性.谁能告诉我如何区分两者(用户还是计算机)?

Hi all,

I have a piece of code that returns all the information / properties from Active Directory for a specific user / computer. Can anyone please tell me how do I distinguish between the two (User vs Computer)?

...
                string username = this.textEdit1.Text;
                // create LDAP connection object
                DirectoryEntry myLdapConnection = CreateDirectoryEntry();

                // create search object which operates on LDAP connection object
                // and set search object to only find the user specified
                DirectorySearcher search = new DirectorySearcher(myLdapConnection);
                search.Filter = "(cn=" + username + ")";

                // create results objects from search object
                SearchResult result = search.FindOne();

                if (result != null)
                {
                    // user exists, cycle through LDAP fields (cn, telephonenumber etc.)
                    ResultPropertyCollection fields = result.Properties;

                    foreach (String ldapField in fields.PropertyNames)
                    {
                        // cycle through objects in each field e.g. group membership
                        // (for many fields there will only be one object such as name)
                        foreach (Object myCollection in fields[ldapField])
                        {
                            Console.WriteLine(String.Format("{0,-20} : {1}", ldapField, myCollection.ToString()));
                        }
                    }
...

        private DirectoryEntry CreateDirectoryEntry()
        {
            // create and return new LDAP connection with desired settings

            DirectoryEntry ldapConnection = new DirectoryEntry("LDAP://server.local");
            ldapConnection.AuthenticationType = AuthenticationTypes.Secure;

            return ldapConnection;
        }

提前非常感谢.
亲切的问候，

Many thanks in advance.
Kind regards,

推荐答案

Contacts:  "(&(objectClass=Contact)(objectCategor=Person))"
Employees: "(&(objectClass=User)(company=*))"
Users:     "(objectClass=User)"
Groups:    "(objectClass=Group)"
Computers: "(objectClass=Computer)"

在这些过滤器上搜索将返回所有联系人，用户，组或计算机.我们手动设置条目的company属性，以区分实际员工用户和有权访问我们网络的非员工承包商.使用search.FindAll并遍历结果.

请注意，在使用多个条件(如联系人"和员工")时，必须使用前缀表示法:&在两个语句组合之前.

Searching on these filters will return all contacts, users, groups or computers. We manually set the entry''s company property to distinguish between actual employee users and non-employee contractors who have access to our network. Use search.FindAll and iterate through the results.

Note that when using more than one criteria (as with Contacts and Employees), you must use prefix notation: the & goes before the two statements being combined.

这篇关于AD:区分用户和计算机的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！