本文介绍了如何获得一组的SID一旦我在Active Directory中的用户群?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时删除!!

我使用DirectorySearcher从取得ActiveDirectory的用户群体。

我的问题是如何获得的SID与每个组相关联,一旦我得到使用成员的用户群?

我的工作在.NETFramework 2.0环境。

 的DirectoryEntry条目=新的DirectoryEntry(的String.Format(LDAP:// {0},sUserDomain));
DirectorySearcher从mySearcher =新DirectorySearcher从(输入);
mySearcher.Filter =的String.Format((及(对象类=用户)(CN = {0})),ui.DisplayName.ToString());
mySearcher.PropertiesToLoad.Add(成员​​);
信息搜索结果信息搜索结果= mySearcher.FindOne();
 

解决方案

有没有办法做到在一个单一的LDAP搜索,因为的memberOf 返回一个区分的名称。你所要做的另外一个绑定来从组对象的的objectSID 属性。这里是code。

 的DirectoryEntry条目=新的DirectoryEntry(的String.Format(LDAP:// {0},sUserDomain));
DirectorySearcher从mySearcher =新DirectorySearcher从(输入);
mySearcher.Filter =的String.Format((及(对象类=用户)(CN = {0})),ui.DisplayName.ToString());
mySearcher.PropertiesToLoad.Add(成员​​);
信息搜索结果信息搜索结果= mySearcher.FindOne();

的foreach(在searchresult.Properties字符串DN [成员])
{
    的DirectoryEntry组=新的DirectoryEntry(的String.Format(LDAP:// {0} / {1},sUserDomain,DN));
    的SecurityIdentifier SID =新的SecurityIdentifier(group.Properties [的objectSID] [0]作为字节[],0);
    Console.Out.WriteLine(sid.Value);
}
 

I am using DirectorySearcher to get groups of a User in ActiveDirectory.

My Question is how to get SID associated with each group once i get user groups using "memberOf"?

I am working in .NETFramework 2.0 Environment.

DirectoryEntry entry = new DirectoryEntry(string.Format("LDAP://{0}", sUserDomain));
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.Filter = string.Format("(&(objectClass=user) (cn= {0}))", ui.DisplayName.ToString());
mySearcher.PropertiesToLoad.Add("memberOf");
SearchResult searchresult = mySearcher.FindOne();
解决方案

There is no way to do it in one single LDAP search because memberOf returns a distinguish name. You have to do another bind to get the objectSid attribute from the group object. Here is the code.

DirectoryEntry entry = new DirectoryEntry(string.Format("LDAP://{0}", sUserDomain));
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.Filter = string.Format("(&(objectClass=user) (cn= {0}))", ui.DisplayName.ToString());
mySearcher.PropertiesToLoad.Add("memberOf");
SearchResult searchresult = mySearcher.FindOne();

foreach (string dn in searchresult.Properties["memberOf"])
{
    DirectoryEntry group = new DirectoryEntry(string.Format("LDAP://{0}/{1}", sUserDomain, dn));
    SecurityIdentifier sid = new SecurityIdentifier(group.Properties["objectSid"][0] as byte[], 0);
    Console.Out.WriteLine(sid.Value);
}

这篇关于如何获得一组的SID一旦我在Active Directory中的用户群?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

1403页,肝出来的..

09-08 00:28