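I am using the built-in .NET System.DirectoryServices.ActiveDirectory to access an Active Directory domain controller.
I am trying to enumerate the collection of user properties from the server - not the values, but the list of modifiable settings for any user.
Essentially, this is a mirror of the writable attributes in the "Attribute Editor" in Active Directory:
I have tried to obtain this data with the following code: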
ActiveDirectorySchema currSchema = ActiveDirectorySchema.GetSchema(directoryContext);
ActiveDirectorySchemaClass userSchema = currSchema.FindClass("user");
ReadOnlyActiveDirectorySchemaPropertyCollection userProperties = userSchema.GetAllProperties();
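But this returns a great many properties that are not in this dialog at all, and I don't know what makes these properties unique/special.
I have also tried FindClass("person");
Is there a way to achieve this?
As requested, if I ask for the above, I get the following:
Using FindClass("person")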
cn
instanceType
nTSecurityDescriptor
objectCategory
objectClass
adminDescription
adminDisplayName
allowedAttributes
allowedAttributesEffective
allowedChildClasses
allowedChildClassesEffective
attributeCertificateAttribute
bridgeheadServerListBL
canonicalName
createTimeStamp
description
directReports
displayName
displayNamePrintable
distinguishedName
dSASignature
dSCorePropagationData
extensionName
flags
fromEntry
frsComputerReferenceBL
fRSMemberReferenceBL
fSMORoleOwner
isCriticalSystemObject
isDeleted
isPrivilegeHolder
isRecycled
lastKnownParent
managedObjects
masteredBy
memberOf
modifyTimeStamp
mS-DS-ConsistencyChildCount
mS-DS-ConsistencyGuid
msCOM-PartitionSetLink
msCOM-UserLink
msDFSR-ComputerReferenceBL
msDFSR-MemberReferenceBL
msDS-Approx-Immed-Subordinates
msDS-AuthenticatedToAccountlist
msDS-EnabledFeatureBL
msDS-HostServiceAccountBL
msDS-IsDomainFor
msDS-IsFullReplicaFor
msDS-IsPartialReplicaFor
msDS-KrbTgtLinkBl
msDS-LastKnownRDN
msDS-LocalEffectiveDeletionTime
msDS-LocalEffectiveRecycleTime
msDs-masteredBy
msDS-MembersForAzRoleBL
msDS-NC-RO-Replica-Locations-BL
msDS-NCReplCursors
msDS-NCReplInboundNeighbors
msDS-NCReplOutboundNeighbors
msDS-NcType
msDS-NonMembersBL
msDS-ObjectReferenceBL
msDS-OIDToGroupLinkBl
msDS-OperationsForAzRoleBL
msDS-OperationsForAzTaskBL
msDS-PrincipalName
msDS-PSOApplied
msDS-ReplAttributeMetaData
msDS-ReplValueMetaData
msDS-RevealedDSAs
msDS-RevealedListBL
msDS-TasksForAzRoleBL
msDS-TasksForAzTaskBL
msSFU30PosixMemberOf
name
netbootSCPBL
nonSecurityMemberBL
objectGUID
objectVersion
otherWellKnownObjects
ownerBL
partialAttributeDeletionList
partialAttributeSet
possibleInferiors
proxiedObjectName
proxyAddresses
queryPolicyBL
replPropertyMetaData
replUpToDateVector
repsFrom
repsTo
revision
sDRightsEffective
seeAlso
serialNumber
serverReferenceBL
showInAdvancedViewOnly
siteObjectBL
sn
structuralObjectClass
subRefs
subSchemaSubEntry
systemFlags
telephoneNumber
url
userPassword
uSNChanged
uSNCreated
uSNDSALastObjRemoved
USNIntersite
uSNLastObjRem
uSNSource
wbemPath
wellKnownObjects
whenChanged
whenCreated
wWWHomePage
Using FindClass("user")
cn
instanceType
nTSecurityDescriptor
objectCategory
objectClass
objectSid
sAMAccountName
accountExpires
accountNameHistory
aCSPolicyName
adminCount
adminDescription
adminDisplayName
allowedAttributes
allowedAttributesEffective
allowedChildClasses
allowedChildClassesEffective
altSecurityIdentities
assistant
attributeCertificateAttribute
audio
badPasswordTime
badPwdCount
bridgeheadServerListBL
businessCategory
c
canonicalName
carLicense
co
codePage
comment
company
controlAccessRights
countryCode
createTimeStamp
dBCSPwd
defaultClassStore
department
departmentNumber
description
desktopProfile
destinationIndicator
directReports
displayName
displayNamePrintable
distinguishedName
division
dSASignature
dSCorePropagationData
dynamicLDAPServer
employeeID
employeeNumber
employeeType
extensionName
facsimileTelephoneNumber
flags
fromEntry
frsComputerReferenceBL
fRSMemberReferenceBL
fSMORoleOwner
garbageCollPeriod
gecos
generationQualifier
gidNumber
givenName
groupMembershipSAM
groupPriority
groupsToIgnore
homeDirectory
homeDrive
homePhone
homePostalAddress
houseIdentifier
info
initials
internationalISDNNumber
ipPhone
isCriticalSystemObject
isDeleted
isPrivilegeHolder
isRecycled
jpegPhoto
l
labeledURI
lastKnownParent
lastLogoff
lastLogon
lastLogonTimestamp
legacyExchangeDN
lmPwdHistory
localeID
lockoutTime
loginShell
logonCount
logonHours
logonWorkstation
mail
managedObjects
manager
masteredBy
maxStorage
memberOf
mhsORAddress
middleName
mobile
modifyTimeStamp
mS-DS-ConsistencyChildCount
mS-DS-ConsistencyGuid
mS-DS-CreatorSID
msCOM-PartitionSetLink
msCOM-UserLink
msCOM-UserPartitionSetLink
msDFSR-ComputerReferenceBL
msDFSR-MemberReferenceBL
msDRM-IdentityCertificate
msDS-AllowedToDelegateTo
msDS-Approx-Immed-Subordinates
msDS-AuthenticatedAtDC
msDS-AuthenticatedToAccountlist
msDS-Cached-Membership
msDS-Cached-Membership-Time-Stamp
msDS-EnabledFeatureBL
msDS-FailedInteractiveLogonCount
msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon
msDS-HABSeniorityIndex
msDS-HostServiceAccountBL
msDS-IsDomainFor
msDS-IsFullReplicaFor
msDS-IsPartialReplicaFor
msDS-KeyVersionNumber
msDS-KrbTgtLinkBl
msDS-LastFailedInteractiveLogonTime
msDS-LastKnownRDN
msDS-LastSuccessfulInteractiveLogonTime
msDS-LocalEffectiveDeletionTime
msDS-LocalEffectiveRecycleTime
msDs-masteredBy
msDS-MembersForAzRoleBL
msDS-NC-RO-Replica-Locations-BL
msDS-NCReplCursors
msDS-NCReplInboundNeighbors
msDS-NCReplOutboundNeighbors
msDS-NcType
msDS-NonMembersBL
msDS-ObjectReferenceBL
msDS-OIDToGroupLinkBl
msDS-OperationsForAzRoleBL
msDS-OperationsForAzTaskBL
msDS-PhoneticCompanyName
msDS-PhoneticDepartment
msDS-PhoneticDisplayName
msDS-PhoneticFirstName
msDS-PhoneticLastName
msDS-PrincipalName
msDS-PSOApplied
msDS-ReplAttributeMetaData
msDS-ReplValueMetaData
msDS-ResultantPSO
msDS-RevealedDSAs
msDS-RevealedListBL
msDS-SecondaryKrbTgtNumber
msDS-Site-Affinity
msDS-SourceObjectDN
msDS-SupportedEncryptionTypes
msDS-TasksForAzRoleBL
msDS-TasksForAzTaskBL
msDS-User-Account-Control-Computed
msDS-UserPasswordExpiryTimeComputed
msExchAssistantName
msExchHouseIdentifier
msExchLabeledURI
msIIS-FTPDir
msIIS-FTPRoot
mSMQDigests
mSMQDigestsMig
mSMQSignCertificates
mSMQSignCertificatesMig
msNPAllowDialin
msNPCallingStationID
msNPSavedCallingStationID
msPKI-CredentialRoamingTokens
msPKIAccountCredentials
msPKIDPAPIMasterKeys
msPKIRoamingTimeStamp
msRADIUS-FramedInterfaceId
msRADIUS-FramedIpv6Prefix
msRADIUS-FramedIpv6Route
msRADIUS-SavedFramedInterfaceId
msRADIUS-SavedFramedIpv6Prefix
msRADIUS-SavedFramedIpv6Route
msRADIUSCallbackNumber
msRADIUSFramedIPAddress
msRADIUSFramedRoute
msRADIUSServiceType
msRASSavedCallbackNumber
msRASSavedFramedIPAddress
msRASSavedFramedRoute
msSFU30Name
msSFU30NisDomain
msSFU30PosixMemberOf
msTSAllowLogon
msTSBrokenConnectionAction
msTSConnectClientDrives
msTSConnectPrinterDrives
msTSDefaultToMainPrinter
msTSExpireDate
msTSExpireDate2
msTSExpireDate3
msTSExpireDate4
msTSHomeDirectory
msTSHomeDrive
msTSInitialProgram
msTSLicenseVersion
msTSLicenseVersion2
msTSLicenseVersion3
msTSLicenseVersion4
msTSLSProperty01
msTSLSProperty02
msTSManagingLS
msTSManagingLS2
msTSManagingLS3
msTSManagingLS4
msTSMaxConnectionTime
msTSMaxDisconnectionTime
msTSMaxIdleTime
msTSPrimaryDesktop
msTSProfilePath
msTSProperty01
msTSProperty02
msTSReconnectionAction
msTSRemoteControl
msTSSecondaryDesktops
msTSWorkDirectory
name
netbootSCPBL
networkAddress
nonSecurityMemberBL
ntPwdHistory
o
objectGUID
objectVersion
operatorCount
otherFacsimileTelephoneNumber
otherHomePhone
otherIpPhone
otherLoginWorkstations
otherMailbox
otherMobile
otherPager
otherTelephone
otherWellKnownObjects
ou
ownerBL
pager
partialAttributeDeletionList
partialAttributeSet
personalTitle
photo
physicalDeliveryOfficeName
possibleInferiors
postalAddress
postalCode
postOfficeBox
preferredDeliveryMethod
preferredLanguage
preferredOU
primaryGroupID
primaryInternationalISDNNumber
primaryTelexNumber
profilePath
proxiedObjectName
proxyAddresses
pwdLastSet
queryPolicyBL
registeredAddress
replPropertyMetaData
replUpToDateVector
repsFrom
repsTo
revision
rid
roomNumber
sAMAccountType
scriptPath
sDRightsEffective
secretary
securityIdentifier
seeAlso
serialNumber
serverReferenceBL
servicePrincipalName
shadowExpire
shadowFlag
shadowInactive
shadowLastChange
shadowMax
shadowMin
shadowWarning
showInAddressBook
showInAdvancedViewOnly
sIDHistory
siteObjectBL
sn
st
street
streetAddress
structuralObjectClass
subRefs
subSchemaSubEntry
supplementalCredentials
systemFlags
telephoneNumber
teletexTerminalIdentifier
telexNumber
terminalServer
textEncodedORAddress
thumbnailLogo
thumbnailPhoto
title
tokenGroups
tokenGroupsGlobalAndUniversal
tokenGroupsNoGCAcceptable
uid
uidNumber
unicodePwd
unixHomeDirectory
unixUserPassword
url
userAccountControl
userCert
userCertificate
userParameters
userPassword
userPKCS12
userPrincipalName
userSharedFolder
userSharedFolderOther
userSMIMECertificate
userWorkstations
uSNChanged
uSNCreated
uSNDSALastObjRemoved
USNIntersite
uSNLastObjRem
uSNSource
wbemPath
wellKnownObjects
whenChanged
whenCreated
wWWHomePage
x121Address
x500uniqueIdentifier
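Answer 0 (score: 1)
Answer 1 (score: 0)
"But this returns a lot of properties that are not in this dialog at all, and I don't know what makes these properties unique/special."
Windows Server ships with a predefined AD schema. This is the base list of unique/special values. If you install Exchange Server, Exchange adds a whole bunch of additional unique/special attributes to the list, because it attaches the Exchange AD schema on top of the base Windows AD schema. In essence, a base Windows AD installation will show you the schema objects you are guaranteed to have, and all other objects are optional, depending on the configuration and the software installed on the network.
I strongly recommend using the ADSI Edit snap-in for this kind of programming: http://technet.microsoft.com/en-us/library/cc773354%28v=ws.10%29.aspx. It will help you understand which magic strings can be put into FindClass and passed as parameters to the calls, and it lets you determine what the C# calls will return from AD before you get into code.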
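An added example, not taken from either answer: the listing in the question contains `allowedAttributesEffective`, a constructed attribute that the domain controller computes per request as the set of attributes the bound account may modify on that object. The code below intersects it with the schema list produced by the question's own calls; the class name, the sample data and the LDAP path are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.DirectoryServices.ActiveDirectory;
using System.Linq;

static class WritableUserAttributes
{
    // Keep only the schema attributes that the directory also reports as writable.
    public static List<string> Intersect(IEnumerable<string> schemaNames,
                                         IEnumerable<string> effectiveNames)
    {
        var writable = new HashSet<string>(effectiveNames, StringComparer.OrdinalIgnoreCase);
        return schemaNames.Where(n => writable.Contains(n))
                          .OrderBy(n => n, StringComparer.OrdinalIgnoreCase).ToList();
    }

    // allowedAttributesEffective is a constructed attribute: it is computed per
    // request for the bound account, so it has to be requested by name.
    public static List<string> ReadEffective(DirectoryEntry user)
    {
        user.RefreshCache(new[] { "allowedAttributesEffective" });
        return user.Properties["allowedAttributesEffective"]
                   .Cast<object>().Select(v => v.ToString()).ToList();
    }

    static void Main(string[] args)
    {
        IEnumerable<string> schema, effective;
        if (args.Length == 0)
        {
            // Constructed sample data so the filter can be run without a domain.
            schema = new[] { "cn", "mail", "objectSid", "telephoneNumber", "whenCreated" };
            effective = new[] { "telephoneNumber", "mail" };
        }
        else
        {
            // args[0]: LDAP path of a user object (hypothetical), e.g.
            // LDAP://CN=Jane Doe,OU=Staff,DC=example,DC=com
            schema = ActiveDirectorySchema.GetCurrentSchema().FindClass("user")
                .GetAllProperties().Cast<ActiveDirectorySchemaProperty>()
                .Select(p => p.Name).ToList();
            using (var user = new DirectoryEntry(args[0]))
                effective = ReadEffective(user);
        }
        foreach (string name in Intersect(schema, effective))
            Console.WriteLine(name);
    }
}
```

Because the result depends on the credentials used to bind, running it under different accounts shows what each one can actually modify on the object, which is a quick check when reviewing delegated permissions.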