if (DomainHelpers.DomainExists(ConnectionString))
{
using(var baseDirectory = new DirectoryEntry(ConnectionString))
{
baseDirectory.Username = Username;
baseDirectory.Password = Password;
using (DirectorySearcher searcher = new DirectorySearcher())
{
searcher.SearchRoot = baseDirectory;
searcher.Filter = "(objectCategory=user)";
searcher.SearchScope = SearchScope.Subtree;
var userResults = searcher.FindAll();
foreach (SearchResult user in userResults)
{
var newUser = new User();
newUser.Name = user.Properties["name"][0].ToString();
newUser.Path = user.Path;
//.Groups is just a List<string>.
newUser.Groups = user.Properties?????
_users.Add(newUser);
}
}
}
}
如何检索用户所属的群组?
谢谢! :)
答案 0 :(得分:1)
user.Properties["memberOf"]
不要忘记在searcher.PropertiesToLoad.Add("memberOf");
...searcher.FindAll()
填充您的财产:
//.Groups is just a List<string>.
foreach(object group in user.Properties["memberOf"])
newUser.Groups.Add((string)group);
答案 1 :(得分:0)
您应该使用System.DirectoryServices.AccountManagement。这更容易。这是一个很好的代码项目article,为您提供此DLL中所有类的概述。
使用DirectoryEntry很难做到正确。首先,获取memberOf属性不会为您提供主要组。此外,如果用户具有来自其他域的域本地组,则它不会显示在memberOf属性中。您可以查看here了解详细信息。以下是切换到使用System.DirectoryServices.AccountManagement时代码的样子。以下代码可以找到此用户分配给的直接组,其中包括主要组。
UserPrincipal user = UserPrincipal.FindByIdentity(new PrincipalContext (ContextType.Domain, "mydomain.com"), IdentityType.SamAccountName, "username");
foreach (GroupPrincipal group in user.GetGroups())
{
Console.Out.WriteLine(group);
}