从Active Directory中获取用户信息
2005-07-01 02:12
211 查看
从Active Directory中获取用户信息
在用户通过AD验证后《基于Active Directory的用户验证》,下一步检索用户信息并显示。
1. 从AD中检索用户信息
/// <summary>
/// This will return a DirectoryEntry object if the user does exist
/// </summary>
/// <param name="UserName"></param>
/// <returns></returns>
public static DirectoryEntry GetUser(string UserName)
{
//create an instance of the DirectoryEntry
DirectoryEntry de = GetDirectoryObject();
//create instance of the direcory searcher
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot =de;
//set the search filter
deSearch.Filter = "(&(objectClass=user)(objectCategory=person)(sAMAccountName=" + UserName + "))";
deSearch.SearchScope = SearchScope.Subtree;
//find the first instance
SearchResult results= deSearch.FindOne();
//if found then return, otherwise return Null
if(results !=null)
{
de= new DirectoryEntry(results.Path,ADUser,ADPassword,AuthenticationTypes.Secure);
//if so then return the DirectoryEntry object
return de;
}
else
{
return null;
}
}
创建DirectoryEntry对象实例,注意这里的ADUser/ADPassword不是普通用户帐户,而是具有Account Operator或Administrator的权限。 ADPath可以为空,因为轻量目录访问协议 (LDAP) 提供程序依靠 Windows定位器服务来查找客户端的最佳域控制器 (DC)。但是,要利用无服务器绑定功能,客户端必须在 Active Directory 域控制器上具有帐户,而且无服务器绑定所使用的域控制器将始终位于默认域(与执行绑定的线程的当前安全上下文关联的域)中。(From MSDN)
/// <summary>
/// This is an internal method for retreiving a new directoryentry object
/// </summary>
/// <returns></returns>
private static DirectoryEntry GetDirectoryObject()
{
DirectoryEntry oDE;
oDE = new DirectoryEntry(ADPath, ADUser, ADPassword, AuthenticationTypes.Secure);
return oDE;
}
2. 示例-简单显示AD中帐户属性及属性值
这里简单以string的形式输出:
public string GetUserInfo(string UserName)
{
DirectoryEntry objDirEnt= ADHelper.GetUser(UserName);
StringBuilder sbUserInfo = new StringBuilder();
sbUserInfo.Append("Name = " + objDirEnt.Name + Environment.NewLine);
sbUserInfo.Append("Path = " + objDirEnt.Path + Environment.NewLine + Environment.NewLine);
sbUserInfo.Append("SchemaClassName = " + objDirEnt.SchemaClassName + Environment.NewLine);
sbUserInfo.Append("***" + Environment.NewLine);
sbUserInfo.Append("Properties:" + Environment.NewLine);
foreach(String Key in objDirEnt.Properties.PropertyNames)
{
sbUserInfo.AppendFormat("\t{0} = ", Key);
sbUserInfo.Append("");
foreach(Object objValue in objDirEnt.Properties[Key])
{
sbUserInfo.AppendFormat("\t\t{0}" + Environment.NewLine, objValue);
}
}
return sbUserInfo.ToString();
}
也可以直接访问需要的属性:
string strFirstName = =GetProperty(userSearchResult,"givenName");
/// <summary>
/// This is an override that will allow a property to be extracted directly from
/// a searchresult object
/// </summary>
/// <param name="searchResult"></param>
/// <param name="PropertyName"></param>
/// <returns></returns>
public static string GetProperty(SearchResult searchResult, string PropertyName)
{
if(searchResult.Properties.Contains(PropertyName))
{
return searchResult.Properties[PropertyName][0].ToString() ;
}
else
{
return string.Empty;
}
}
具体用户界面User Interface,请参考如下Reference 1.
References:
1. Rickie, 更新Active Directory/Exchange Address Book的小工具
2. Craig Aroa, ADHelper - An Active Directory Class, http://www.c-sharpcorner.com/Code/2002/Sept/ADClass.asp
3. Rickie, 基于Active Directory的用户验证
在用户通过AD验证后《基于Active Directory的用户验证》,下一步检索用户信息并显示。
1. 从AD中检索用户信息
/// <summary>
/// This will return a DirectoryEntry object if the user does exist
/// </summary>
/// <param name="UserName"></param>
/// <returns></returns>
public static DirectoryEntry GetUser(string UserName)
{
//create an instance of the DirectoryEntry
DirectoryEntry de = GetDirectoryObject();
//create instance of the direcory searcher
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot =de;
//set the search filter
deSearch.Filter = "(&(objectClass=user)(objectCategory=person)(sAMAccountName=" + UserName + "))";
deSearch.SearchScope = SearchScope.Subtree;
//find the first instance
SearchResult results= deSearch.FindOne();
//if found then return, otherwise return Null
if(results !=null)
{
de= new DirectoryEntry(results.Path,ADUser,ADPassword,AuthenticationTypes.Secure);
//if so then return the DirectoryEntry object
return de;
}
else
{
return null;
}
}
创建DirectoryEntry对象实例,注意这里的ADUser/ADPassword不是普通用户帐户,而是具有Account Operator或Administrator的权限。 ADPath可以为空,因为轻量目录访问协议 (LDAP) 提供程序依靠 Windows定位器服务来查找客户端的最佳域控制器 (DC)。但是,要利用无服务器绑定功能,客户端必须在 Active Directory 域控制器上具有帐户,而且无服务器绑定所使用的域控制器将始终位于默认域(与执行绑定的线程的当前安全上下文关联的域)中。(From MSDN)
/// <summary>
/// This is an internal method for retreiving a new directoryentry object
/// </summary>
/// <returns></returns>
private static DirectoryEntry GetDirectoryObject()
{
DirectoryEntry oDE;
oDE = new DirectoryEntry(ADPath, ADUser, ADPassword, AuthenticationTypes.Secure);
return oDE;
}
2. 示例-简单显示AD中帐户属性及属性值
这里简单以string的形式输出:
public string GetUserInfo(string UserName)
{
DirectoryEntry objDirEnt= ADHelper.GetUser(UserName);
StringBuilder sbUserInfo = new StringBuilder();
sbUserInfo.Append("Name = " + objDirEnt.Name + Environment.NewLine);
sbUserInfo.Append("Path = " + objDirEnt.Path + Environment.NewLine + Environment.NewLine);
sbUserInfo.Append("SchemaClassName = " + objDirEnt.SchemaClassName + Environment.NewLine);
sbUserInfo.Append("***" + Environment.NewLine);
sbUserInfo.Append("Properties:" + Environment.NewLine);
foreach(String Key in objDirEnt.Properties.PropertyNames)
{
sbUserInfo.AppendFormat("\t{0} = ", Key);
sbUserInfo.Append("");
foreach(Object objValue in objDirEnt.Properties[Key])
{
sbUserInfo.AppendFormat("\t\t{0}" + Environment.NewLine, objValue);
}
}
return sbUserInfo.ToString();
}
也可以直接访问需要的属性:
string strFirstName = =GetProperty(userSearchResult,"givenName");
/// <summary>
/// This is an override that will allow a property to be extracted directly from
/// a searchresult object
/// </summary>
/// <param name="searchResult"></param>
/// <param name="PropertyName"></param>
/// <returns></returns>
public static string GetProperty(SearchResult searchResult, string PropertyName)
{
if(searchResult.Properties.Contains(PropertyName))
{
return searchResult.Properties[PropertyName][0].ToString() ;
}
else
{
return string.Empty;
}
}
具体用户界面User Interface,请参考如下Reference 1.
References:
1. Rickie, 更新Active Directory/Exchange Address Book的小工具
2. Craig Aroa, ADHelper - An Active Directory Class, http://www.c-sharpcorner.com/Code/2002/Sept/ADClass.asp
3. Rickie, 基于Active Directory的用户验证
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 超强获取计算机信息类(可获取cpu序列号,网卡地址,ip地址,硬盘id,登录系统用户,计算机名等等)
- C# 获取AD用户信息
- Java微信公众平台开发(十二)——微信用户信息的获取
- 微信获取用户信息实例
- 微信小程序授权获取用户详细信息openid
- 获取所有用户表及根据表Id取得表字段信息
- 微信公众平台开发(71) 网页授权获取用户基本信息
- 步步为营VS 2008 + .NET 3.5(13) - DLINQ(LINQ to SQL)之用户自定义函数、在不同的DataContext之间做更新、缓存、获取信息、数据加载选项和延迟加载
- 微信网页开发之网页授权获取用户信息
- 解决 CAS + Spring Security整合 无法获取当前登录用户信息
- 微信开发--怎么获取用户的信息(openid)
- 微信公众号的搭建-第六天-获取微信用户的基本信息
- LDAP方式连接AD获取用户信息
- 微信开发--网页授权获取用户基本信息
- 微信公众号开发-微信网页授权获取用户openid以及用户信息的步骤
- 微信公众号开发 自定义菜单跳转页面并获取用户信息实例详解
- 微信授权登录并获取用户信息接口开发
- 获取保存在沙盒中plist文件的用户的字典信息
- 服务号-获取用户基本信息
- 微信网页授权获取用户基本信息