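How to get the details of all users from Active Directory using LDAP

Time: 2014-05-16 05:29:24

Tags: c# asp.net ldap

I need to get the details of all users from Active Directory using LDAP. The following code does return the samaccountname as "Administrator", but not the details of every user, and the mail ID is not found in the list. Please help.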

string dominName = ConfigurationManager.AppSettings["DominName"].ToString();
string ldapPath = ConfigurationManager.AppSettings["ldapPath"].ToString();
if (!String.IsNullOrEmpty(dominName) && !String.IsNullOrEmpty(ldapPath))
{
    DirectoryEntry entry = new DirectoryEntry(ldapPath, txtUsername.Text.ToString().Trim(), txtPassword.Text.ToString().Trim());
    try
    {
        Object obj = entry.NativeObject;
        DirectorySearcher search = new DirectorySearcher(entry);
        search.Filter = "(&(objectClass=user)(objectCategory=person))";
        search.PropertiesToLoad.Add("samaccountname");
        search.PropertiesToLoad.Add("mail");
        search.PropertiesToLoad.Add("usergroup");
        search.PropertiesToLoad.Add("displayname");//first name

        foreach (System.DirectoryServices.SearchResult resEnt in search.FindAll())
        {    
            System.DirectoryServices.DirectoryEntry de = resEnt.GetDirectoryEntry();
            if (de.Properties["sAMAccountName"].Value != null && de.Properties["userAccountControl"].Value!=null)
            {
                StringBuilder sb = new StringBuilder();
                sb.AppendLine("Name = " + de.Properties["sAMAccountName"].Value.ToString());
                sb.AppendLine("Email = " + de.Properties["Mail"].Value.ToString());
            }
        }

Solution found:

Here is my code:

var userAccountControlValue = 0;
int.TryParse(de.Properties["UserAccountControl"].Value.ToString(), out userAccountControlValue);
var isAccountDisabled = Convert.ToBoolean(userAccountControlValue & 0x0002);
var isNormalAccount = Convert.ToBoolean(userAccountControlValue & 0x0200);
if (de.Properties["sAMAccountName"].Value != null && de.Properties["userAccountControl"].Value != null && de.Properties["userPrincipalName"].Value != null && !isAccountDisabled && isNormalAccount)
{
    //Add Employee details from AD
    PaySlipPortal.Objects.Employee employee = new Employee();
    employee.FirstName = de.Properties["givenName"].Value!=null?(string)de.Properties["givenName"].Value:"";
    employee.Email = de.Properties["userPrincipalName"].Value != null ? (string)de.Properties["userPrincipalName"].Value : "";
    employee.LastName = de.Properties["sn"].Value != null ? (string)de.Properties["sn"].Value : "";
    int deleteID=  empBL.DeleteEmployee(employee.Email.Trim());
    int empID = empBL.AddEmployee(employee);  

}

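3 answers:

Answer 0: (score: 21)

Recently I worked on LDAP. I needed to find all the information from AD, so I wrote some helper classes to find it. Here are some examples.

I wrote 5 classes. See below.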

ActiveDirectoryHelper.cs

public class ActiveDirectoryHelper
{
    private DirectoryEntry _directoryEntry = null;

    private DirectoryEntry SearchRoot
    {
        get
        {
            if (_directoryEntry == null)
            {
                using (HostingEnvironment.Impersonate())
                {
                    _directoryEntry = new DirectoryEntry(LDAPPath);//, LDAPUser, LDAPPassword, AuthenticationTypes.Secure);
                }
            }
            return _directoryEntry;
        }
    }

    private String LDAPPath
    {
        get
        {
            return ConfigurationManager.AppSettings["LDAPPath"];
        }
    }

    //private String LDAPUser
    //{
    //    get
    //    {
    //        return ConfigurationManager.AppSettings["LDAPUser"];
    //    }
    //}

    //private String LDAPPassword
    //{
    //    get
    //    {
    //        return ConfigurationManager.AppSettings["LDAPPassword"];
    //    }
    //}

    private String LDAPDomain
    {
        get
        {
            return ConfigurationManager.AppSettings["LDAPDomain"];
        }
    }

    internal ADUserDetail GetUserByFullName(String userName)
    {
        try
        {
            using (HostingEnvironment.Impersonate())
            {
                _directoryEntry = null;
                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
                directorySearch.Filter = "(&(objectClass=user)(cn=" + userName + "))";
                SearchResult results = directorySearch.FindOne();

                if (results != null)
                {
                    DirectoryEntry user = new DirectoryEntry(results.Path);// LDAPUser, LDAPPassword);
                    return ADUserDetail.GetUser(user);
                }
                else
                {
                    return null;
                }
            }
        }
        catch (Exception ex)
        {
            return null;
        }
    }

    public ADUserDetail GetUserByLoginName(String userName)
    {


        try
        {
            using (HostingEnvironment.Impersonate())
            {

                // This code runs as the application pool user



                _directoryEntry = null;
                string nn = "LDAP://PRIME.local/DC=PRIME,DC=local";
                DirectoryEntry SearchRoot2 = new DirectoryEntry(nn);

                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
                directorySearch.Filter = "(&(objectClass=user)(SAMAccountName=" + userName + "))";
                SearchResult results = directorySearch.FindOne();

                if (results != null)
                {
                    DirectoryEntry user = new DirectoryEntry(results.Path);//, LDAPUser, LDAPPassword);
                    return ADUserDetail.GetUser(user);
                }
                return null;
            }

        }

        catch (Exception ex)
        {
            return null;
        }
    }


    public ADUserDetail GetUserDetailsByFullName(String FirstName, String MiddleName, String LastName)
    {
        //givenName
        //    initials
        //    sn
        //(initials=" + MiddleName + ")(sn=" + LastName + ")

        try
        {
            using (HostingEnvironment.Impersonate())
            {
                _directoryEntry = null;
                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
                //directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + ") ())";

                if (FirstName != "" && MiddleName != "" && LastName != "")
                {

                    directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + ")(initials=" + MiddleName + ")(sn=" + LastName + "))";
                }
                else if (FirstName != "" && MiddleName != "" && LastName == "")
                {
                    directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + ")(initials=" + MiddleName + "))";
                }
                else if (FirstName != "" && MiddleName == "" && LastName == "")
                {
                    directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + "))";
                }
                else if (FirstName != "" && MiddleName == "" && LastName != "")
                {
                    directorySearch.Filter = "(&(objectClass=user)(givenName=" + FirstName + ")(sn=" + LastName + "))";
                }
                else if (FirstName == "" && MiddleName != "" && LastName != "")
                {
                    directorySearch.Filter = "(&(objectClass=user)(initials=" + MiddleName + ")(sn=" + LastName + "))";
                }
                SearchResult results = directorySearch.FindOne();

                if (results != null)
                {
                    DirectoryEntry user = new DirectoryEntry(results.Path);//, LDAPUser, LDAPPassword);
                    return ADUserDetail.GetUser(user);
                }
                return null;
            }
        }
        catch (Exception ex)
        {
            return null;
        }
    }


    /// <summary>
    /// This function will take a DL or Group name and return list of users
    /// </summary>
    /// <param name="groupName"></param>
    /// <returns></returns>
    public List<ADUserDetail> GetUserFromGroup(String groupName)
    {
        List<ADUserDetail> userlist = new List<ADUserDetail>();
        try
        {
            using (HostingEnvironment.Impersonate())
            {
                _directoryEntry = null;
                DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
                directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" + groupName + "))";
                SearchResult results = directorySearch.FindOne();
                if (results != null)
                {

                    DirectoryEntry deGroup = new DirectoryEntry(results.Path);//, LDAPUser, LDAPPassword);
                    System.DirectoryServices.PropertyCollection pColl = deGroup.Properties;
                    int count = pColl["member"].Count;


                    for (int i = 0; i < count; i++)
                    {
                        string respath = results.Path;
                        string[] pathnavigate = respath.Split("CN".ToCharArray());
                        respath = pathnavigate[0];
                        string objpath = pColl["member"][i].ToString();
                        string path = respath + objpath;


                        DirectoryEntry user = new DirectoryEntry(path);//, LDAPUser, LDAPPassword);
                        ADUserDetail userobj = ADUserDetail.GetUser(user);
                        userlist.Add(userobj);
                        user.Close();
                    }
                }
                return userlist;
            }
        }
        catch (Exception ex)
        {
            return userlist;
        }

    }

    #region Get user with First Name

    public List<ADUserDetail> GetUsersByFirstName(string fName)
    {
        using (HostingEnvironment.Impersonate())
        {

            //UserProfile user;
            List<ADUserDetail> userlist = new List<ADUserDetail>();
            string filter = "";

            _directoryEntry = null;
            DirectorySearcher directorySearch = new DirectorySearcher(SearchRoot);
            directorySearch.Asynchronous = true;
            directorySearch.CacheResults = true;
            filter = string.Format("(givenName={0}*)", fName);
            //            filter = "(&(objectClass=user)(objectCategory=person)(givenName="+fName+ "*))";


            directorySearch.Filter = filter;

            SearchResultCollection userCollection = directorySearch.FindAll();
            foreach (SearchResult users in userCollection)
            {
                DirectoryEntry userEntry = new DirectoryEntry(users.Path);//, LDAPUser, LDAPPassword);
                ADUserDetail userInfo = ADUserDetail.GetUser(userEntry);

                userlist.Add(userInfo);

            }

            directorySearch.Filter = "(&(objectClass=group)(SAMAccountName=" + fName + "*))";
            SearchResultCollection results = directorySearch.FindAll();
            if (results != null)
            {

                foreach (SearchResult r in results)
                {
                    DirectoryEntry deGroup = new DirectoryEntry(r.Path);//, LDAPUser, LDAPPassword);

                    ADUserDetail agroup = ADUserDetail.GetUser(deGroup);
                    userlist.Add(agroup);
                }

            }
            return userlist;
        }
    }

    #endregion


    #region AddUserToGroup
    public bool AddUserToGroup(string userlogin, string groupName)
    {
        try
        {
            using (HostingEnvironment.Impersonate())
            {
                _directoryEntry = null;
                ADManager admanager = new ADManager(LDAPDomain);//, LDAPUser, LDAPPassword);
                admanager.AddUserToGroup(userlogin, groupName);
                return true;
            }
        }
        catch (Exception ex)
        {
            return false;
        }
    }
    #endregion

    #region RemoveUserToGroup
    public bool RemoveUserToGroup(string userlogin, string groupName)
    {
        try
        {
            using (HostingEnvironment.Impersonate())
            {
                _directoryEntry = null;
                ADManager admanager = new ADManager("xxx");// LDAPUser, LDAPPassword);
                admanager.RemoveUserFromGroup(userlogin, groupName);
                return true;
            }
        }
        catch (Exception ex)
        {
            return false;
        }
    }
    #endregion
}

AccountManagementExtensions.cs

public static class AccountManagementExtensions
{

    public static String GetProperty(this Principal principal, String property)
    {
        DirectoryEntry directoryEntry = principal.GetUnderlyingObject() as DirectoryEntry;
        if (directoryEntry.Properties.Contains(property))
            return directoryEntry.Properties[property].Value.ToString();
        else
            return String.Empty;
    }

    public static String GetCompany(this Principal principal)
    {
        return principal.GetProperty("company");
    }

    public static String GetDepartment(this Principal principal)
    {
        return principal.GetProperty("department");
    }

}

ADManager.cs

public class ADManager
{

    PrincipalContext context;

    public ADManager()
    {
        context = new PrincipalContext(ContextType.Machine, "xxx", "xxx", "xxx");

    }


    public ADManager(string domain, string container)
    {
        context = new PrincipalContext(ContextType.Domain, domain, container);
    }

    public ADManager(string domain)//, string username, string password)
    {
        context = new PrincipalContext(ContextType.Domain);//, username, password);
    }

    public bool AddUserToGroup(string userName, string groupName)
    {
        bool done = false;
        GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupName);
        if (group == null)
        {
            group = new GroupPrincipal(context, groupName);
        }
        UserPrincipal user = UserPrincipal.FindByIdentity(context, userName);
        if (user != null && group != null)
        {
            group.Members.Add(user);
            group.Save();
            done = (user.IsMemberOf(group));
        }
        return done;
    }


    public bool RemoveUserFromGroup(string userName, string groupName)
    {
        bool done = false;
        UserPrincipal user = UserPrincipal.FindByIdentity(context, userName);
        GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupName);
        if (user != null && group != null)
        {
            group.Members.Remove(user);
            group.Save();
            done = !(user.IsMemberOf(group));
        }
        return done;
    }
}

ADProperties.cs

public static class ADProperties
{
    public const String OBJECTCLASS = "objectClass";
    public const String CONTAINERNAME = "cn";
    public const String LASTNAME = "sn";
    public const String COUNTRYNOTATION = "c";
    public const String CITY = "l";
    public const String STATE = "st";
    public const String TITLE = "title";
    public const String POSTALCODE = "postalCode";
    public const String PHYSICALDELIVERYOFFICENAME = "physicalDeliveryOfficeName";
    public const String FIRSTNAME = "givenName";
    public const String MIDDLENAME = "initials";
    public const String DISTINGUISHEDNAME = "distinguishedName";
    public const String INSTANCETYPE = "instanceType";
    public const String WHENCREATED = "whenCreated";
    public const String WHENCHANGED = "whenChanged";
    public const String DISPLAYNAME = "displayName";
    public const String USNCREATED = "uSNCreated";
    public const String MEMBEROF = "memberOf";
    public const String USNCHANGED = "uSNChanged";
    public const String COUNTRY = "co";
    public const String DEPARTMENT = "department";
    public const String COMPANY = "company";
    public const String PROXYADDRESSES = "proxyAddresses";
    public const String STREETADDRESS = "streetAddress";
    public const String DIRECTREPORTS = "directReports";
    public const String NAME = "name";
    public const String OBJECTGUID = "objectGUID";
    public const String USERACCOUNTCONTROL = "userAccountControl";
    public const String BADPWDCOUNT = "badPwdCount";
    public const String CODEPAGE = "codePage";
    public const String COUNTRYCODE = "countryCode";
    public const String BADPASSWORDTIME = "badPasswordTime";
    public const String LASTLOGOFF = "lastLogoff";
    public const String LASTLOGON = "lastLogon";
    public const String PWDLASTSET = "pwdLastSet";
    public const String PRIMARYGROUPID = "primaryGroupID";
    public const String OBJECTSID = "objectSid";
    public const String ADMINCOUNT = "adminCount";
    public const String ACCOUNTEXPIRES = "accountExpires";
    public const String LOGONCOUNT = "logonCount";
    public const String LOGINNAME = "sAMAccountName";
    public const String SAMACCOUNTTYPE = "sAMAccountType";
    public const String SHOWINADDRESSBOOK = "showInAddressBook";
    public const String LEGACYEXCHANGEDN = "legacyExchangeDN";
    public const String USERPRINCIPALNAME = "userPrincipalName";
    public const String EXTENSION = "ipPhone";
    public const String SERVICEPRINCIPALNAME = "servicePrincipalName";
    public const String OBJECTCATEGORY = "objectCategory";
    public const String DSCOREPROPAGATIONDATA = "dSCorePropagationData";
    public const String LASTLOGONTIMESTAMP = "lastLogonTimestamp";
    public const String EMAILADDRESS = "mail";
    public const String MANAGER = "manager";
    public const String MOBILE = "mobile";
    public const String PAGER = "pager";
    public const String FAX = "facsimileTelephoneNumber";
    public const String HOMEPHONE = "homePhone";
    public const String MSEXCHUSERACCOUNTCONTROL = "msExchUserAccountControl";
    public const String MDBUSEDEFAULTS = "mDBUseDefaults";
    public const String MSEXCHMAILBOXSECURITYDESCRIPTOR = "msExchMailboxSecurityDescriptor";
    public const String HOMEMDB = "homeMDB";
    public const String MSEXCHPOLICIESINCLUDED = "msExchPoliciesIncluded";
    public const String HOMEMTA = "homeMTA";
    public const String MSEXCHRECIPIENTTYPEDETAILS = "msExchRecipientTypeDetails";
    public const String MAILNICKNAME = "mailNickname";
    public const String MSEXCHHOMESERVERNAME = "msExchHomeServerName";
    public const String MSEXCHVERSION = "msExchVersion";
    public const String MSEXCHRECIPIENTDISPLAYTYPE = "msExchRecipientDisplayType";
    public const String MSEXCHMAILBOXGUID = "msExchMailboxGuid";
    public const String NTSECURITYDESCRIPTOR = "nTSecurityDescriptor";
}

ADUserDetail.cs

public class ADUserDetail
{
    private String _firstName;
    private String _middleName;
    private String _lastName;
    private String _loginName;
    private String _loginNameWithDomain;
    private String _streetAddress;
    private String _city;
    private String _state;
    private String _postalCode;
    private String _country;
    private String _homePhone;
    private String _extension;
    private String _mobile;
    private String _fax;
    private String _emailAddress;
    private String _title;
    private String _company;
    private String _manager;
    private String _managerName;
    private String _department;

    public String Department
    {
        get { return _department; }
    }

    public String FirstName
    {
        get { return _firstName; }
    }

    public String MiddleName
    {
        get { return _middleName; }
    }

    public String LastName
    {
        get { return _lastName; }
    }

    public String LoginName
    {
        get { return _loginName; }
    }

    public String LoginNameWithDomain
    {
        get { return _loginNameWithDomain; }
    }

    public String StreetAddress
    {
        get { return _streetAddress; }
    }

    public String City
    {
        get { return _city; }
    }

    public String State
    {
        get { return _state; }
    }

    public String PostalCode
    {
        get { return _postalCode; }
    }

    public String Country
    {
        get { return _country; }
    }

    public String HomePhone
    {
        get { return _homePhone; }
    }

    public String Extension
    {
        get { return _extension; }
    }

    public String Mobile
    {
        get { return _mobile; }
    }

    public String Fax
    {
        get { return _fax; }
    }

    public String EmailAddress
    {
        get { return _emailAddress; }
    }

    public String Title
    {
        get { return _title; }
    }

    public String Company
    {
        get { return _company; }
    }

    public ADUserDetail Manager
    {
        get
        {
            if (!String.IsNullOrEmpty(_managerName))
            {
                ActiveDirectoryHelper ad = new ActiveDirectoryHelper();
                return ad.GetUserByFullName(_managerName);
            }
            return null;
        }
    }

    public String ManagerName
    {
        get { return _managerName; }
    }


    private ADUserDetail(DirectoryEntry directoryUser)
    {

        String domainAddress;
        String domainName;
        _firstName = GetProperty(directoryUser, ADProperties.FIRSTNAME);
        _middleName = GetProperty(directoryUser, ADProperties.MIDDLENAME);
        _lastName = GetProperty(directoryUser, ADProperties.LASTNAME);
        _loginName = GetProperty(directoryUser, ADProperties.LOGINNAME);
        String userPrincipalName = GetProperty(directoryUser, ADProperties.USERPRINCIPALNAME);
        if (!string.IsNullOrEmpty(userPrincipalName))
        {
            domainAddress = userPrincipalName.Split('@')[1];
        }
        else
        {
            domainAddress = String.Empty;
        }

        if (!string.IsNullOrEmpty(domainAddress))
        {
            domainName = domainAddress.Split('.').First();
        }
        else
        {
            domainName = String.Empty;
        }
        _loginNameWithDomain = String.Format(@"{0}\{1}", domainName, _loginName);
        _streetAddress = GetProperty(directoryUser, ADProperties.STREETADDRESS);
        _city = GetProperty(directoryUser, ADProperties.CITY);
        _state = GetProperty(directoryUser, ADProperties.STATE);
        _postalCode = GetProperty(directoryUser, ADProperties.POSTALCODE);
        _country = GetProperty(directoryUser, ADProperties.COUNTRY);
        _company = GetProperty(directoryUser, ADProperties.COMPANY);
        _department = GetProperty(directoryUser, ADProperties.DEPARTMENT);
        _homePhone = GetProperty(directoryUser, ADProperties.HOMEPHONE);
        _extension = GetProperty(directoryUser, ADProperties.EXTENSION);
        _mobile = GetProperty(directoryUser, ADProperties.MOBILE);
        _fax = GetProperty(directoryUser, ADProperties.FAX);
        _emailAddress = GetProperty(directoryUser, ADProperties.EMAILADDRESS);
        _title = GetProperty(directoryUser, ADProperties.TITLE);
        _manager = GetProperty(directoryUser, ADProperties.MANAGER);
        if (!String.IsNullOrEmpty(_manager))
        {
            String[] managerArray = _manager.Split(',');
            _managerName = managerArray[0].Replace("CN=", "");
        }
    }


    private static String GetProperty(DirectoryEntry userDetail, String propertyName)
    {
        if (userDetail.Properties.Contains(propertyName))
        {
            return userDetail.Properties[propertyName][0].ToString();
        }
        else
        {
            return string.Empty;
        }
    }

    public static ADUserDetail GetUser(DirectoryEntry directoryUser)
    {
        return new ADUserDetail(directoryUser);
    }
}

You only need to add your LDAP address to the AppSettings section of the web.config file. You can add a username or password if needed. Otherwise, just add the LDAP address.


<appSettings>
<add key="LDAPPassword" value="" />
<add key="LDAPPath" value="" />
<add key="LDAPUser" value="" />
<add key="LDAPDomain" value="" />
</appSettings>

Include these classes in your project. Now you can get all the information from Active Directory. "ActiveDirectoryHelper.cs" has some methods. You can use them to retrieve the information.

Answer 1: (score: 4)

Try looking at the "mail" property (not "Mail").

sb.AppendLine("Email = " + de.Properties["mail"].Value.ToString());

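Here is an AD user attribute reference (in case you want to get something else): http://www.kouti.com/tables/userattributes.htm

Answer 2: (score: 1)

Last month, my project manager asked me to write code to find all user information from Active Directory, and which fields were missing information for particular users. I tried to search the Internet for information about .NET Active Directory examples. I could not find much information online, and it prompted me to write an article on this topic.

In this article, I will explain how to use the Active Directory classes and retrieve data from the component classes. You can cut and paste the lines of code below and execute them, but you need to pass the domain name in the DirectoryEntry constructor. The following example is taken from a project I developed and was modified to make it easier to understand.

Before using this example, I assume you have a general understanding of Active Directory.

Step 1: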

Add System.DirectoryServices.Dll (from Project Add reference)

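System.DirectoryServices provides easy access to Active Directory from managed code. This namespace contains two component classes, DirectoryEntry and DirectorySearcher.

Step 2:

using System.DirectoryServices;

DirectoryEntry class: this class encapsulates a node or object in the Active Directory hierarchy. Use this class to bind to objects, read properties, and update properties.

Step 3: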

DirectoryEntry entry = new DirectoryEntry("LDAP://DomainName");

DirectorySearcher: it performs queries against the Active Directory hierarchy.

Step 4:

DirectorySearcher Dsearch = new DirectorySearcher(entry);

Step 5:

String Name="Richmond";

The Filter property supports filtering all of the information in Active Directory.