Iterating over a user's groups in AD and saving them in a list
Updated: 2023-09-27 18:03:45
I have a procedure that retrieves a user node from AD:
    public static void ConnectActiveDirectory()
    {
        List<string> lstGroups = new List<string>();
        DirectoryEntry entry;
        string user = "username";
        string server = ConfigurationManager.AppSettings["ActiveDirectory.Server"];
        entry = new DirectoryEntry(@"LDAP://" + server);
        DirectorySearcher searcher = new DirectorySearcher(entry);
        searcher.Filter = "sAMAccountName=" + user;
        searcher.PropertiesToLoad.Add("MemberOf");
        SearchResult result = searcher.FindOne();
    }
The idea is to save all the groups in a list of strings, without having to do something like the following:
    foreach (ResultPropertyValueCollection s in result.Properties.Values)
    {
        string groupname = null;
        for (int i = 0; i < s.Count; i++)
        {
            // Cut the value between the first "=" and the first "," out of the DN
            string dn = s[i].ToString();
            int equalsIndex = dn.IndexOf("=", 1);
            int commaIndex = dn.IndexOf(",", 1);
            groupname = dn.Substring((equalsIndex + 1), (commaIndex - equalsIndex) - 1);
            lstGroups.Add(groupname);
        }
    }
Is there any method I can use in the 'DirectorySearcher' class?
Also, is there a way to remove the first hash table?
You can use a DirectoryEntry object to ask AD for the display name instead of parsing the distinguished name yourself. For example:
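    // Requires: using System; using System.DirectoryServices;
    var directoryEntry = new DirectoryEntry(@"LDAP://address");
    var directorySearcher = new DirectorySearcher(directoryEntry);
    directorySearcher.Filter = "samaccountname=user";
    directorySearcher.PropertiesToLoad.Add("memberOf");
    var result = directorySearcher.FindOne();
    if (result != null) // FindOne() returns null when no entry matches
    {
        foreach (var i in result.Properties["memberOf"])
        {
            // Bind to each group by its distinguished name and read the attribute from AD
            using (var group = new DirectoryEntry(@"LDAP://" + i))
            {
                // .Value yields the attribute value rather than the collection's type name
                Console.WriteLine(group.Properties["DisplayName"].Value);
            }
        }
    }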
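
An added example, not part of the question or the answer above: if the group names are taken from the memberOf distinguished names without one extra bind per group, the parsing has to honour escaped commas, which the IndexOf(",") approach in the question does not, and an account name that comes from input should be escaped before it is concatenated into the search filter. The names AdGroupNames, EscapeFilterValue and FirstRdnValue are hypothetical, and the sample DNs and account name are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Text;

public static class AdGroupNames
{
    // Escape a value for an LDAP search filter (RFC 4515) so that an account
    // name taken from input cannot change the structure of the filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            sb.Append("\\*()\0".IndexOf(c) >= 0 ? "\\" + ((int)c).ToString("x2") : c.ToString());
        return sb.ToString();
    }

    // Value of the first RDN of a distinguished name. Unlike IndexOf(","),
    // this honours escapes: "CN=Ops\, EU,OU=Groups,..." yields "Ops, EU".
    public static string FirstRdnValue(string dn)
    {
        var sb = new StringBuilder();
        for (int i = dn.IndexOf('=') + 1; i < dn.Length && dn[i] != ','; i++)
        {
            if (dn[i] != '\\' || i + 1 >= dn.Length) { sb.Append(dn[i]); continue; }
            if (i + 2 < dn.Length && Uri.IsHexDigit(dn[i + 1]) && Uri.IsHexDigit(dn[i + 2]))
            {
                // Hex pair such as \0A (decoded here as a single-byte character).
                sb.Append((char)Convert.ToInt32(dn.Substring(i + 1, 2), 16));
                i += 2;
            }
            else sb.Append(dn[++i]);   // escaped special character such as \,
        }
        return sb.ToString();
    }

    public static void Main()
    {
        // Constructed sample memberOf values; no directory connection is needed.
        var memberOf = new[] { @"CN=Ops\, EU,OU=Groups,DC=example,DC=com",
                               "CN=Developers,OU=Groups,DC=example,DC=com" };
        var lstGroups = new List<string>();
        foreach (string dn in memberOf) lstGroups.Add(FirstRdnValue(dn));
        Console.WriteLine(string.Join(" | ", lstGroups));
        // Constructed account name containing filter metacharacters.
        Console.WriteLine("(sAMAccountName=" + EscapeFilterValue("a*(b)") + ")");
    }
}
```

In the question's code, the memberOf values would come from result.Properties["memberOf"], and the filter would be built as "(sAMAccountName=" + EscapeFilterValue(user) + ")".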