如何找到属于一组用户的AD，和刚刚获得他们的SAM帐户名和SID？

本文介绍了如何找到属于一组用户的AD，和刚刚获得他们的SAM帐户名和SID？的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我只是希望用户能够在一组的名称在文本框中输入，并返回只是他们的登录名和他们的SID。

到目前为止，我都这样了，加载的用户组中，但即时通讯不能确定如何提取的登录名和SID。

信息搜索结果的结果;             DirectorySearcher从搜索=新DirectorySearcher从（）;             sea​​rch.Filter =的String.Format（（CN = {0}），txtGroup.Text）;             sea​​rch.PropertiesToLoad.Add（会员）;             sea​​rch.PropertiesToLoad.Add（CN）;             sea​​rch.PropertiesToLoad.Add（的objectGUID）;             结果= search.FindOne（）;             StringBuilder的用户名=新的StringBuilder（）;             如果（结果！= NULL）             {                 对于（INT计数器= 0;反＆LT;                 result.Properties [成员]计数。计数器++）                 {                     字符串用户=（字符串）result.Properties [成员] [计数器]                     userNames.AppendLine（用户）;                 }             }             lblResults.Text = userNames.ToString（）;

解决方案

该propertie至极包含SID叫做的objectSID 和propertie至极含有次登录时 sAMAccountName赋的NT4兼容的版本和的UserPrincipalName 。你最好用@Virkkunen咨询工作。

静态无效的主要（字串[] args） {   / *连接到Active Directory    * /   的DirectoryEntry贬低=新的DirectoryEntry（LDAP：//192.168.183.138：389 / DC =兴业，DC = FR，administrateur，PWD）;   / *目录搜索    * /   DirectorySearcher从dsLookForGrp =新DirectorySearcher从（贬低）;   dsLookForGrp.Filter =的String.Format（（CN = {0}），yourgroup）;   dsLookForGrp.SearchScope = SearchScope.Subtree;   dsLookForGrp.PropertiesToLoad.Add（的distinguishedName）;   信息搜索结果srcGrp = dsLookForGrp.FindOne（）;   / *目录搜索    * /   DirectorySearcher从dsLookForUsers =新DirectorySearcher从（贬低）;   dsLookForUsers.Filter =的String.Format（（及（objectCategory属性=人）（的memberOf = {0}）），srcGrp.Properties [的distinguishedName] [0]）;   dsLookForUsers.SearchScope = SearchScope.Subtree;   dsLookForUsers.PropertiesToLoad.Add（的objectSID）;   dsLookForUsers.PropertiesToLoad.Add（的UserPrincipalName）;   dsLookForUsers.PropertiesToLoad.Add（sAMAccountName赋）;   SearchResultCollection srcLstUsers = dsLookForUsers.FindAll（）;   的foreach（在srcLstUsers信息搜索结果sruser）   {     Console.WriteLine（{0}，sruser.Path）;     的SecurityIdentifier SID =新的SecurityIdentifier（（字节[]）sruser.Properties [的objectSID] [0]，0）;     Console.WriteLine（sid.ToString（））;     的foreach（在sruser.Properties.PropertyNames字符串属性）     {       Console.WriteLine（\ t {0} {1}，财产，sruser.Properties [属性] [0]）;     }   } }

I just want a user to be able to type in a group name in a textbox, and return just their login name and their SID.

So far i have this, and that loads the users in the group but im unsure how to extract the login and SID.

SearchResult result; DirectorySearcher search = new DirectorySearcher(); search.Filter = String.Format("(cn={0})", txtGroup.Text); search.PropertiesToLoad.Add("member"); search.PropertiesToLoad.Add("cn"); search.PropertiesToLoad.Add("objectGUID"); result = search.FindOne(); StringBuilder userNames = new StringBuilder(); if (result != null) { for (int counter = 0; counter < result.Properties["member"].Count; counter++) { string user = (string)result.Properties["member"][counter]; userNames.AppendLine(user); } } lblResults.Text = userNames.ToString();

解决方案

The propertie wich contains SID is called objectSid, and the propertie wich contain th login is sAMAccountName for the NT4 compatible version and userPrincipalName. You'd better work with @Virkkunen advice.

static void Main(string[] args) { /* Connection to Active Directory */ DirectoryEntry deBase = new DirectoryEntry("LDAP://192.168.183.138:389/dc=societe,dc=fr", "administrateur", "pwd"); /* Directory Search */ DirectorySearcher dsLookForGrp = new DirectorySearcher(deBase); dsLookForGrp.Filter = String.Format("(cn={0})", "yourgroup"); dsLookForGrp.SearchScope = SearchScope.Subtree; dsLookForGrp.PropertiesToLoad.Add("distinguishedName"); SearchResult srcGrp = dsLookForGrp.FindOne(); /* Directory Search */ DirectorySearcher dsLookForUsers = new DirectorySearcher(deBase); dsLookForUsers.Filter = String.Format("(&(objectCategory=person)(memberOf={0}))", srcGrp.Properties["distinguishedName"][0]); dsLookForUsers.SearchScope = SearchScope.Subtree; dsLookForUsers.PropertiesToLoad.Add("objectSid"); dsLookForUsers.PropertiesToLoad.Add("userPrincipalName "); dsLookForUsers.PropertiesToLoad.Add("sAMAccountName"); SearchResultCollection srcLstUsers = dsLookForUsers.FindAll(); foreach (SearchResult sruser in srcLstUsers) { Console.WriteLine("{0}", sruser.Path); SecurityIdentifier sid = new SecurityIdentifier((byte[]) sruser.Properties["objectSid"][0], 0); Console.WriteLine(sid.ToString()); foreach (string property in sruser.Properties.PropertyNames) { Console.WriteLine("\t{0} : {1} ", property, sruser.Properties[property][0]); } } }