我可以使用以下查询我的Active Directory组:
open System.DirectoryServices.AccountManagement
let specialGroups () =
let ctx = new PrincipalContext(
contextType = ContextType.Domain,
name = "domain.net",
container = "DC=domain,DC=net")
let allGroups = new GroupPrincipal(ctx, "*")
let srch = new PrincipalSearcher(allGroups)
[| for group in srch.FindAll() -> group |]
如何像PowerShell一样添加某些属性,例如Mail?
Get-ADGroup "GROUPNAME.UG" -Properties Mail
答案 0 :(得分:2)
您可以通过检索基础DirectoryEntry对象,然后访问其Properties集合来获取属性。这是一个为getProperty对象定义Principal函数,然后使用它对"Mail"属性进行过滤的示例:
open System.DirectoryServices
open System.DirectoryServices.AccountManagement
let getProperty name (group: Principal) =
let entry = group.GetUnderlyingObject() |> unbox<DirectoryEntry>
[| for value in entry.Properties.[name] -> value |> string |]
let specialGroups () =
let ctx = new PrincipalContext(
contextType = ContextType.Domain,
name = "domain.net",
container = "DC=domain,DC=net")
let allGroups = new GroupPrincipal(ctx, "*")
let srch = new PrincipalSearcher(allGroups)
[| for group in srch.FindAll() |> Seq.filter (getProperty "Mail" >> Array.isEmpty) -> group |]