本文介绍了如何获得一组的SID一旦我在Active Directory中的用户群?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我使用DirectorySearcher从取得ActiveDirectory的用户群体。
我的问题是如何获得的SID与每个组相关联,一旦我得到使用成员的用户群?
我的工作在.NETFramework 2.0环境。
的DirectoryEntry条目=新的DirectoryEntry(的String.Format(LDAP:// {0},sUserDomain));
DirectorySearcher从mySearcher =新DirectorySearcher从(输入);
mySearcher.Filter =的String.Format((及(对象类=用户)(CN = {0})),ui.DisplayName.ToString());
mySearcher.PropertiesToLoad.Add(成员);
信息搜索结果信息搜索结果= mySearcher.FindOne();
解决方案
有没有办法做到在一个单一的LDAP搜索,因为的memberOf
返回一个区分的名称。你所要做的另外一个绑定来从组对象的的objectSID
属性。这里是code。
的DirectoryEntry条目=新的DirectoryEntry(的String.Format(LDAP:// {0},sUserDomain));
DirectorySearcher从mySearcher =新DirectorySearcher从(输入);
mySearcher.Filter =的String.Format((及(对象类=用户)(CN = {0})),ui.DisplayName.ToString());
mySearcher.PropertiesToLoad.Add(成员);
信息搜索结果信息搜索结果= mySearcher.FindOne();
的foreach(在searchresult.Properties字符串DN [成员])
{
的DirectoryEntry组=新的DirectoryEntry(的String.Format(LDAP:// {0} / {1},sUserDomain,DN));
的SecurityIdentifier SID =新的SecurityIdentifier(group.Properties [的objectSID] [0]作为字节[],0);
Console.Out.WriteLine(sid.Value);
}
I am using DirectorySearcher to get groups of a User in ActiveDirectory.
My Question is how to get SID associated with each group once i get user groups using "memberOf"?
I am working in .NETFramework 2.0 Environment.
DirectoryEntry entry = new DirectoryEntry(string.Format("LDAP://{0}", sUserDomain));
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.Filter = string.Format("(&(objectClass=user) (cn= {0}))", ui.DisplayName.ToString());
mySearcher.PropertiesToLoad.Add("memberOf");
SearchResult searchresult = mySearcher.FindOne();
解决方案
There is no way to do it in one single LDAP search because memberOf
returns a distinguish name. You have to do another bind to get the objectSid
attribute from the group object. Here is the code.
DirectoryEntry entry = new DirectoryEntry(string.Format("LDAP://{0}", sUserDomain));
DirectorySearcher mySearcher = new DirectorySearcher(entry);
mySearcher.Filter = string.Format("(&(objectClass=user) (cn= {0}))", ui.DisplayName.ToString());
mySearcher.PropertiesToLoad.Add("memberOf");
SearchResult searchresult = mySearcher.FindOne();
foreach (string dn in searchresult.Properties["memberOf"])
{
DirectoryEntry group = new DirectoryEntry(string.Format("LDAP://{0}/{1}", sUserDomain, dn));
SecurityIdentifier sid = new SecurityIdentifier(group.Properties["objectSid"][0] as byte[], 0);
Console.Out.WriteLine(sid.Value);
}
这篇关于如何获得一组的SID一旦我在Active Directory中的用户群?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!