< \ RESOLVED>,请参阅第一个答复
我的mac(10.9)已加入AD域.在我的程序中,我试图识别当前登录用户是本地帐户还是AD用户.通过使用以下代码,我可以成功地区分它们.
My mac(10.9) has joined into a AD domain. In my program, I tried to recognize whether the current login user is local account or AD user. I can successfully distinguish them by using the following code.
+ (bool)isLocalUser:(NSString*)user { NSError *dirSearchError = nil; ODRecord *foundUser = findUser(user, &dirSearchError); if(foundUser !=nil) { return YES; }else { return NO; } } ODRecord *findUser(NSString *user, NSError **error) { NSLog(@"[MacLogonUI] findUser"); ODNode *searchNode = [ODNode nodeWithSession: [ODSession defaultSession] type: kODNodeTypeLocalNodes error: error]; if (searchNode == nil) { return nil; } NSDictionary *nodeInfo = [searchNode nodeDetailsForKeys:nil error:error]; /* query this node for the user record we're interested in. * We only need one result, which is why maximumResults is set to 1. */ ODQuery *userSearch = [ODQuery queryWithNode: searchNode forRecordTypes: kODRecordTypeUsers attribute: kODAttributeTypeRecordName matchType: kODMatchEqualTo queryValues: user returnAttributes: kODAttributeTypeStandardOnly maximumResults: 1 error: error]; if (userSearch == nil) { return nil; } /* For this example we'll use a synchronous search. This could take a while * so asynchronous searching is preferable. */ NSArray *foundRecords = [userSearch resultsAllowingPartial: NO error: error]; if (foundRecords == nil || [foundRecords count] == 0) { return nil; } ODRecord *userRecord = [foundRecords objectAtIndex: 0]; return [[userRecord retain] autorelease]; }当AD用户创建移动卡时,它被视为托管用户(从系统"偏好设置->用户和组"中).该代码还将此类AD用户识别为本地用户.如何处理这种情况?
While when the AD user create a mobile card, it is viewed as a managed user(from the System preference -> Users & Groups). The code also recognize this kind of AD user as local. How to deal with this kind of situation?
你们对这个问题有任何想法吗?
Do you guys have any idea of this problem?
推荐答案我自己解决了这个问题.希望以下代码有帮助:
#import "DasUser.h" #import <OpenDirectory/OpenDirectory.h> #import <Collaboration/Collaboration.h> @implementation DasUser + (bool)isLocalUser:(NSString*)user { NSError *dirSearchError = nil; ODRecord *foundUser = findUser(user, &dirSearchError); if(foundUser !=nil) { return YES; }else { return NO; } } ODRecord *findUser(NSString *user, NSError **error) { NSLog(@"[MacLogonUI] findUser"); CSIdentityAuthorityRef defaultAuthority = CSGetManagedIdentityAuthority(); CSIdentityClass identityClass = kCSIdentityClassUser; CSIdentityQueryRef query = CSIdentityQueryCreate(NULL, identityClass, defaultAuthority); CFErrorRef err = NULL; CSIdentityQueryExecute(query, 0, &err); CFArrayRef results = CSIdentityQueryCopyResults(query); int numResults = CFArrayGetCount(results); NSMutableArray * managedUsers = [NSMutableArray array]; for (int i = 0; i < numResults; ++i) { CSIdentityRef identity = (CSIdentityRef)CFArrayGetValueAtIndex(results, i); CBIdentity * identityObject = [CBIdentity identityWithCSIdentity:identity]; NSString* posixName = [identityObject posixName]; [managedUsers addObject:posixName]; } CFRelease(results); CFRelease(query); ODNode *searchNode = [ODNode nodeWithSession: [ODSession defaultSession] type: kODNodeTypeLocalNodes error: error]; if (searchNode == nil) { return nil; } /* query this node for the user record we're interested in. * We only need one result, which is why maximumResults is set to 1. */ ODQuery *userSearch = [ODQuery queryWithNode: searchNode forRecordTypes: kODRecordTypeUsers attribute: kODAttributeTypeRecordName matchType: kODMatchEqualTo queryValues: user returnAttributes: kODAttributeTypeStandardOnly maximumResults: 1 error: error]; if (userSearch == nil) { return nil; } /* For this example we'll use a synchronous search. This could take a while * so asynchronous searching is preferable. */ NSArray *foundRecords = [userSearch resultsAllowingPartial: NO error: error]; if([foundRecords count]>0) { NSString *nameStr = [foundRecords[0] recordName]; NSLog(@"[MacLogonUI] findUser nameStr %@", nameStr); int j; for( j = 0; j<[managedUsers count]; j++) { if([nameStr isEqualToString:managedUsers[j]]) { break; } } if(j<[managedUsers count]) { foundRecords = nil; } } if (foundRecords == nil || [foundRecords count] == 0) { return nil; } ODRecord *userRecord = [foundRecords objectAtIndex: 0]; return [[userRecord retain] autorelease]; } @end当mac的网络断开连接时.无法列出受管理的用户.有没有人对此有任何想法?
更多推荐
(Objective
发布评论