C# - GroupPrincipal.GetMembers(true) - which group?
本文关键字:which group GroupPrincipal GetMembers true | 更新日期: 2023-09-27 18:26:52
所以我正在尝试递归枚举AD组成员身份。此刻我。。。
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "mine.domain.com");
GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.Name, "myADGroup");
if (grp != null)
{
foreach (Principal p in grp.GetMembers(true))
{
Console.WriteLine(p.Name);
}
}
当然,这一切都很好。它列出了作为组成员的每个用户以及嵌套在其中的组成员的所有用户,无论嵌套级别有多深。这太棒了。
我真正需要的是了解用户来自这个小嵌套中的组。
GRP-MainProject
-- GRP-Producers
-- GRP-Artists
-- UserA
对GRP MainProject运行我当前的查询将返回UserA-我应该如何返回用户,以及他继承GRP MainProject成员资格的是GRP Artists这一事实?
UserA是大约40个组的成员,如果这很重要的话编辑-值得一提的是,用户可以拥有来自多个嵌套组的组成员资格
任何想法都将不胜感激。
也许可以试试这样的东西:
声明组对象的静态列表(GroupPrincipal、整数级和父级GroupPrincipar的简单类)
public class SomeDirTraverser
{
private static List<GroupObj> _groups = new List<GroupObj>();
public List<string> GetMembershipWithPath(string groupname)
{
List<string> retVal = new List<string>();
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.Name, groupname);
if (grp != null)
{
BuildHList(grp, 0, null);
foreach (UserPrincipal usr in grp.GetMembers(true))
retVal.Add(GetMbrPath(usr));
}
return retVal;
}
private void BuildHList(GroupPrincipal node, int level, GroupPrincipal parent)
{
PrincipalSearchResult<Principal> rslts = node.GetMembers();
_groups.Add(new GroupObj() { Group = node, Level = level, Parent = parent });
foreach (GroupPrincipal grp in rslts.Where(g => g is GroupPrincipal))
BuildHList(grp, level + 1, node);
}
private string GetMbrPath(UserPrincipal usr)
{
Stack<string> output = new Stack<string>();
StringBuilder retVal = new StringBuilder();
GroupObj fg = null, tg = null;
output.Push(usr.Name);
foreach (GroupObj go in _groups)
{
if (usr.IsMemberOf(go.Group))
{
output.Push(go.Group.Name);
fg = go;
while (fg.Parent != null)
{
output.Push(fg.Parent.Name);
tg = (from g in _groups where g.Group == fg.Parent select g).FirstOrDefault();
fg = tg;
}
break;
}
}
while (output.Count > 1)
retVal.AppendFormat("{0} ->", output.Pop());
retVal.Append(output.Pop());
return retVal.ToString();
}
}
public class GroupObj
{
public GroupPrincipal Group { get; set; }
public int Level { get; set; }
public GroupPrincipal Parent { get; set; }
}
这个看起来应该给你想要的。
怎么样:
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "mine.domain.com");
GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.Name, "myADGroup");
if (grp != null)
{
foreach (UserPrincipal user in grp.GetMembers(true))
{
Console.WriteLine("User: {0}", user.Name);
foreach (Principal userGroup in user.GetGroups(ctx))
{
Console.WriteLine(" - Member of Group: {0}", userGroup.Name);
}
}
}