我想让Active Directory中的所有组“安全组”都可用。有什么想法吗?
谢谢,
答案 0 :(得分:2)
由于您使用的是.NET 3.5或更高版本,因此您可以使用PrincipalSearcher和“按示例查询”主体进行搜索:
// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// define a "query-by-example" principal - here, we search for a GroupPrincipal
// with the security group flag set
GroupPrincipal qbeGroup = new GroupPrincipal(ctx);
qbeGroup.IsSecurityGroup = true;
// create your principal searcher passing in the QBE principal
PrincipalSearcher srch = new PrincipalSearcher(qbeGroup);
// find all matches
foreach(var found in srch.FindAll())
{
// do whatever here - "found" is of type "Principal" - it could be user, group, computer.....
}
如果您还没有 - 绝对阅读MSDN文章Managing Directory Security Principals in the .NET Framework 3.5,该文章很好地展示了如何充分利用System.DirectoryServices.AccountManagement
答案 1 :(得分:0)
试试这种方式
DirectoryEntry ent1 = new DirectoryEntry("LDAP://" + _path,
"adminUser", "***********");
DirectorySearcher dSearch = new DirectorySearcher(ent1);
dSearch.Filter = "(&(objectClass=group))";
dSearch.SearchScope = SearchScope.Subtree;
SearchResultCollection results = dSearch.FindAll();
List<string> groupNames = new List<string>();
for (int i = 0; i < results.Count; i++)
{
DirectoryEntry de = results[i].GetDirectoryEntry();
groupNames.Add(de.Name.Replace("CN=", ""));
}
这对我有用:)