我试图在我的代码中运行一些东西时有点困难。
我要做的是弄清楚某人是否是任何一个群组的成员。我并不担心具体是哪一组,我只想知道:
"用户" X"这个群组中至少有一个的成员?"
好消息是,所有这些组名都以同样的方式开始:
以下是我用来检查特定群组的内容:
Dim ctx As DirectoryServices.AccountManagement.PrincipalContext = New DirectoryServices.AccountManagement.PrincipalContext(DirectoryServices.AccountManagement.ContextType.Domain, "net.mydomain.co.uk")
Dim user As DirectoryServices.AccountManagement.UserPrincipal = DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(ctx, tbxuserID.Text)
Dim googleFull As DirectoryServices.AccountManagement.GroupPrincipal = DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(ctx, "Google-FullAccess")
If user.IsMemberOf(googleFull) Then
GoogleAccess = 1
GoTo Proceed
End If
然后我重复这段代码来检查下一组,依此类推。
我是否有办法调整此选项以检查以开头的任何群组" Google - "?这是我想做的事,但显然不起作用:
Dim googleCheck As DirectoryServices.AccountManagement.GroupPrincipal = DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(ctx, "Google-*")
非常感谢!
答案 0 :(得分:0)
我找到了解决方案!以下适用于我(在将DistinguishedName存储并存储在先前查询的String变量中之后 - 我还事先将GoogleCheck声明为布尔变量):
Dim rootEntry As DirectoryServices.DirectoryEntry = New DirectoryServices.DirectoryEntry("LDAP://DC=net,DC=mydomain,DC=co,DC=uk")
Dim srch As DirectoryServices.DirectorySearcher = New DirectoryServices.DirectorySearcher(rootEntry)
srch.SearchScope = DirectoryServices.SearchScope.Subtree
srch.Filter = "(&(CN=Google-*)(objectCategory=group)(member=" + DistinguishedName + "))"
Dim res = srch.FindOne()
If res IsNot Nothing Then
GoogleCheck = True
Else
GoogleCheck = False
End If