我想返回特定域用户的组成员资格列表。有点像...
string[] UserGroups(string domain, string domainUserName)
{
// query domain info
// return a list of accounts the user is a member of
}
此外,我希望能够查看哪些域帐户/群组有权访问指定的文件/文件夹。
string[] AllowedAccounts(string domain, string filePath)
{
// query file/folder permission
// return a list of accounts with access to file/folder
}
使用c#执行这两项任务的最佳方法是什么?
答案 0 :(得分:1)
这是一个例子。除非您要过滤,否则您不需要域文件访问功能。
string[] UserGroups(string domain, string domainUserName)
{
WindowsIdentity ident = new WindowsIdentity(domainUserName + "@" + domain);
List<string> groups = new List<string>();
foreach (IdentityReference g in ident.Groups)
{
groups.Add(g.Value);
}
return groups.ToArray();
}
string[] AllowedAccounts(string filePath)
{
List<string> accounts = new List<string>();
FileInfo fInfo = new FileInfo(filePath);
var fsec = fInfo.GetAccessControl();
AuthorizationRuleCollection acl = fsec.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
foreach (FileSystemAccessRule ace in acl)
{
accounts.Add(ace.IdentityReference.Value);
}
return accounts.ToArray();
}