我正在尝试尽快了解Active Directory,但到目前为止我还没有成功。我有这个代码返回其他人写的AD的所有用户,我应该改变它,以便它只返回指定组的用户。我试图更多地了解AD,希望解决方案能够出现,但到目前为止还没有运气。那么也许有人可以帮助我?这是我的代码。
adSearch.Filter = "(&(objectClass=user))";
string groupName = System.Configuration.ConfigurationManager.AppSettings["ADGroupName"];
string domain = adSearch.SearchRoot.Properties["dc"].Value.ToString();
DomainLabel.Text = domain + " accounts:";
foreach (SearchResult sResultSet in adSearch.FindAll())
{
if (!GetProperty(sResultSet, "givenName").Equals("") && !GetProperty(sResultSet, "sn").Equals(""))
{
string userAccountControl = GetProperty(sResultSet, "useraccountcontrol");
bool x = userAccountControl.Equals("512") || userAccountControl.Equals("66048");
if (x)
{
ListItem tempItem = new ListItem();
unsortedList.Add(GetProperty(sResultSet, "givenName") + " " + GetProperty(sResultSet, "sn"));
tempItem.Text = GetProperty(sResultSet, "givenName") + " " + GetProperty(sResultSet, "sn");
tempItem.Value = GetProperty(sResultSet, "sAMAccountName");
values.Add(tempItem);
}
}
}
答案 0 :(得分:1)
我已经以这种方式完成了这项工作,如果它在SecurityGroup中检查用户名。您可以在ActiveDirectory中获取用户,然后像这样检查
public bool IsInSecurityGroup(string UserName)
{
bool _isInsecurityGroup;
string GroupName ="GroupName";
System.Security.Principal.WindowsIdentity MyIdentity =
System.Security.Principal.WindowsIdentity.GetCurrent();
System.Security.Principal.WindowsPrincipal MyPrincipal = new
System.Security.Principal.WindowsPrincipal(MyIdentity);
return (MyPrincipal.IsInRole(GroupName)) ? true : false;
}
要检查多个用户,它应该适合您Getting Users From SecurityGroup 或者GroupPrincipal.GetMembers Method