是否有可用的Active Directory帮助程序类?在我重新发明轮子之前检查一下。
我需要
在AD中验证用户。
获取hhis /她的成员角色。
由于
答案 0 :(得分:10)
在.NET 3.5中,您希望查看System.DirectoryServices.AccountManagement。对于早期版本,版本System.DirectoryServices具有您所需要的功能,但它还需要更多工作。
using (var context = new PrincipalContext( ContextType.Domain ))
{
var valid = context.ValidateCredentials( username, password );
using (var user = UserPrincipal.FindByIdentity( context,
IdentityType.SamAccountName,
username ))
{
var groups = user.GetAuthorizationGroups();
}
}
答案 1 :(得分:3)
以下是我一直使用的一些示例代码:
using System.DirectoryServices;
public static string GetProperty(SearchResult searchResult,
string PropertyName)
{
if (searchResult.Properties.Contains(PropertyName))
return searchResult.Properties[PropertyName][0].ToString();
else
return string.Empty;
}
public MyCustomADRecord Login(string UserName, string Password)
{
string adPath = "LDAP://www.YourCompany.com/DC=YourCompany,DC=Com";
DirectorySearcher mySearcher;
SearchResult resEnt;
DirectoryEntry de = new DirectoryEntry(adPath, UserName, Password,
AuthenticationTypes.Secure);
mySearcher = new DirectorySearcher(de);
string adFilter = "(sAMAccountName=" + UserName + ")";
mySearcher.Filter = adFilter;
resEnt = mySearcher.FindOne();
return new MyCustomADRecord()
{
UserName = GetProperty(resEnt, "sAMAccountName"),
GUID = resEnt.GetDirectoryEntry().NativeGuid.ToString(),
DisplayName = GetProperty(resEnt, "displayName"),
FirstName = GetProperty(resEnt, "givenName"),
MiddleName = GetProperty(resEnt, "initials"),
LastName = GetProperty(resEnt, "sn"),
Company = GetProperty(resEnt, "company"),
JobTitle = GetProperty(resEnt, "title"),
Email = GetProperty(resEnt, "mail"),
Phone = GetProperty(resEnt, "telephoneNumber"),
ExtensionAttribute1 = GetProperty(resEnt, "extensionAttribute1")
};
}
答案 2 :(得分:2)
System.DirectoryServices.ActiveDirectory名称空间
http://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.aspx