如何通过Active Directory中的LDAP路径检索特定用户

时间:2017-01-13 14:24:56

标签: c# active-directory ldap

我已经有了用户的AD路径,但找不到合适的接口来凭该路径从AD中获取这个用户。我在网上没有找到相关资料;社区通常使用PrincipalSearcher,但我想知道能否直接把LDAP路径作为参数传入。有没有人有这方面的经验?

Kindest Regards。

1 个答案:

答案 0 :(得分:0)

您可以使用DirectoryEntry:

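/// <summary>
/// Searches the directory rooted at LDAP://MyDomainName.local for the account whose
/// sAMAccountName equals <paramref name="userLoginID"/> and returns its given name,
/// surname and mail address.
/// </summary>
/// <param name="userLoginID">Login name to look up. It is treated as untrusted text and
/// escaped before being placed in the LDAP filter.</param>
/// <param name="userFirstName">Receives the "givenname" attribute, or null when no account matched.</param>
/// <param name="userLastName">Receives the "sn" attribute, or null when no account matched.</param>
/// <param name="userEmailAddress">Receives the "mail" attribute, or null when no account matched.</param>
/// <returns>true when at least one matching account was returned by the search; otherwise false.
/// A directory error is logged and also yields false unless a match had already been read,
/// so callers must not treat false as proof that the account does not exist.</returns>
public static bool GetAdUser(string userLoginID, out string userFirstName,
        out string userLastName, out string userEmailAddress)
{
    bool foundUser = false;
    userFirstName = null;
    userLastName = null;
    userEmailAddress = null;

    // An empty login name cannot identify an account; skip the directory round-trip.
    if (string.IsNullOrEmpty(userLoginID))
    {
        return false;
    }

    try
    {
        // NOTE(review): ReadonlyServer is passed without AuthenticationTypes.Secure. As far as
        // the ADSI documentation describes it, that selects a simple bind, so a username and
        // password supplied here would not be protected on the wire unless the connection is
        // LDAPS. Confirm, and consider Secure | Sealing | Signing before adding credentials.
        using (DirectoryEntry activeDirectory = new DirectoryEntry("LDAP://MyDomainName.local", null, null,
            AuthenticationTypes.ReadonlyServer))
        using (DirectorySearcher adSearcher = new DirectorySearcher(activeDirectory))
        {
            adSearcher.SearchScope = SearchScope.Subtree;

            // Escape the caller-supplied value: without this, characters such as '*', '(' and ')'
            // in userLoginID would change the structure of the filter (LDAP injection) instead of
            // being compared literally.
            adSearcher.Filter = string.Format("(&(objectCategory=user)(|(SAMAccountName={0})))",
                EscapeLdapFilterValue(userLoginID));

            string[] adPropertyNames =
            {
                "sn",
                "givenname",
                "mail"
                // add more AD attributes to retrieve here as needed
            };
            adSearcher.PropertiesToLoad.AddRange(adPropertyNames);

            // SearchResultCollection holds unmanaged resources that the garbage collector
            // does not release, so it has to be disposed explicitly.
            using (SearchResultCollection userSearchResult = adSearcher.FindAll())
            {
                foreach (SearchResult adAccount in userSearchResult)
                {
                    foundUser = true;
                    ResultPropertyCollection accountProperties = adAccount.Properties;

                    if (accountProperties != null)
                    {
                        userFirstName = GetAdAccountPropertyValue(accountProperties, "givenname");
                        userLastName = GetAdAccountPropertyValue(accountProperties, "sn");
                        userEmailAddress = GetAdAccountPropertyValue(accountProperties, "mail");
                        // add more here as needed
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Keep the original best-effort contract (no exception reaches the caller), but leave
        // a trace so bind or search failures are visible to operators instead of vanishing.
        System.Diagnostics.Trace.TraceError("GetAdUser: directory lookup failed: {0}: {1}",
            ex.GetType().Name, ex.Message);
    }

    return foundUser;
}

/// <summary>
/// Escapes a value for literal use inside an LDAP search filter (RFC 4515):
/// backslash, asterisk, parentheses and NUL become \5c, \2a, \28, \29 and \00.
/// </summary>
private static string EscapeLdapFilterValue(string value)
{
    // Backslash goes first so the escape sequences added afterwards are not escaped again.
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}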

/// <summary>
/// Reads the first value of one attribute from a search result's property collection.
/// </summary>
/// <param name="adAccountProperties">Properties of a single search result.</param>
/// <param name="propertyName">Name of the attribute to read.</param>
/// <returns>null when the indexer yields no value collection, an empty string when the
/// collection has no entries, otherwise the first entry converted with ToString().</returns>
private static string GetAdAccountPropertyValue(ResultPropertyCollection adAccountProperties, string propertyName)
{
    ResultPropertyValueCollection values = adAccountProperties[propertyName];

    // No collection at all: report that with null.
    if (values == null)
    {
        return null;
    }

    // The attribute is known but carries no value: an empty string marks that case.
    if (values.Count <= 0)
    {
        return String.Empty;
    }

    // Only the first value is used, even for multi-valued attributes.
    object firstValue = values[0];
    return firstValue.ToString();
}