我工作在.NET 2.0和需要找回某个广告组的所有用户。我有一个不返回该组的所有成员下面的方法,但它不返回具有传递组作为主要的用户群。什么我需要做的就是这些用户包括在内?
///<总结> ///获取该组孩子的用户。 ///< /总结> ///< PARAM NAME =parentGroup>在母集团< /参数> ///<返回>< /回报> 公开名单< ADUser便有> GetGroupChildUsers(广告组parentGroup) { 名单< ADUser便有>名单=新的名单,其中,ADUser便有>(); 的DirectoryEntry条目= GetDirectoryEntry(LdapBaseString); DirectorySearcher从搜索=新DirectorySearcher从(输入); searcher.Filter =的String.Format((及(objectCategory属性=人)(的memberOf = {0})),parentGroup.DN); searcher.PropertiesToLoad.Add(的objectGUID); searcher.SizeLimit = MaxReturnCount; SearchResultCollection结果= searcher.FindAll(); 的foreach(信息搜索结果导致的结果){ GUID GUID =新的GUID((字节[])result.Properties [的objectGUID] [0]); list.Add(GetUserByGuid(GUID)); } 如果(list.Count&所述; = 0){ 返回null; } 其他 { 返回列表; } }解决方案
用户的主要组是由用户的 primaryGroupID 属性给出。事实上 primaryGroupID 包含RID的字符串格式的主组。这就是为什么,我先帮你寻找的用户组的SID,那么我计算(不好)的RID,我搜索用户提供了 primaryGroupID 包含RID
/ *连接到Active Directory * / 的DirectoryEntry贬低=新的DirectoryEntry(LDAP:// WM2008R2ENT:389 / DC = DOM,DC = FR); / *目录搜索agroup * / 字符串givenGrpName =MonGrpSec; DirectorySearcher从dsLookFor =新DirectorySearcher从(贬低); dsLookFor.Filter =的String.Format((sAMAccountName赋= {0}),givenGrpName); dsLookFor.SearchScope = SearchScope.Subtree; dsLookFor.PropertiesToLoad.Add(CN); dsLookFor.PropertiesToLoad.Add(的objectSID); 信息搜索结果srcGrp = dsLookFor.FindOne(); / *获取SID * / 的SecurityIdentifier secId =新的SecurityIdentifier(srcGrp.Properties [的objectSID] [0]作为字节[],0); / *查找的RID(肯定存在一个最好的方法) * / 正则表达式REGRID =新的正则表达式(@^ S * - (\ d +)$); 比赛matchRID = regRID.Match(secId.Value); 字符串SRID = matchRID.Groups [1] .value的; / *电话号码簿搜索用户具有特定主组 * / DirectorySearcher从dsLookForUsers =新DirectorySearcher从(贬低); dsLookForUsers.Filter =的String.Format((primaryGroupID = {0}),SRID); dsLookForUsers.SearchScope = SearchScope.Subtree; dsLookForUsers.PropertiesToLoad.Add(CN); SearchResultCollection srcUsers = dsLookForUsers.FindAll(); 的foreach(在srcUsers信息搜索结果的用户) { Console.WriteLine({0} {1}的主组,givenGrpName,user.Properties [CN] [0]); }I'm working in 2.0 and need to retrieve all the users of a given AD group. I have the following method that does return all the members of the group, but it does not return users that have the passed group as their primary group. What do I need to do to get those users included as well?
/// <summary> /// Gets the group child users. /// </summary> /// <param name="parentGroup">The parent group.</param> /// <returns></returns> public List<ADUser> GetGroupChildUsers(ADGroup parentGroup) { List<ADUser> list = new List<ADUser>(); DirectoryEntry entry = GetDirectoryEntry(LdapBaseString); DirectorySearcher searcher = new DirectorySearcher(entry); searcher.Filter = string.Format("(&(objectCategory=person)(memberOf={0}))", parentGroup.DN); searcher.PropertiesToLoad.Add("objectGUID"); searcher.SizeLimit = MaxReturnCount; SearchResultCollection results = searcher.FindAll(); foreach (SearchResult result in results) { Guid guid = new Guid((byte[])result.Properties["objectGUID"][0]); list.Add(GetUserByGuid(guid)); } if (list.Count <= 0) { return null; } else { return list; } }解决方案
The primary group of a user is given by primaryGroupID attribute of a user. In fact primaryGroupID contains the RID of the primary group in a string format. That's why, I first get the SID of the group you are looking for users, then I compute (badly) the RID, and I search for users with a primaryGroupID containing the RID.
/* Connection to Active Directory */ DirectoryEntry deBase = new DirectoryEntry("LDAP://WM2008R2ENT:389/dc=dom,dc=fr"); /* Directory Search for agroup */ string givenGrpName = "MonGrpSec"; DirectorySearcher dsLookFor = new DirectorySearcher(deBase); dsLookFor.Filter = string.Format ("(sAMAccountName={0})", givenGrpName); dsLookFor.SearchScope = SearchScope.Subtree; dsLookFor.PropertiesToLoad.Add("cn"); dsLookFor.PropertiesToLoad.Add("objectSid"); SearchResult srcGrp = dsLookFor.FindOne(); /* Get the SID */ SecurityIdentifier secId = new SecurityIdentifier(srcGrp.Properties["objectSid"][0] as byte[], 0); /* Find The RID (sure exists a best method) */ Regex regRID = new Regex(@"^S.*-(\d+)$"); Match matchRID = regRID.Match(secId.Value); string sRID = matchRID.Groups[1].Value; /* Directory Search for users that has a particular primary group */ DirectorySearcher dsLookForUsers = new DirectorySearcher(deBase); dsLookForUsers.Filter = string.Format("(primaryGroupID={0})", sRID); dsLookForUsers.SearchScope = SearchScope.Subtree; dsLookForUsers.PropertiesToLoad.Add("cn"); SearchResultCollection srcUsers = dsLookForUsers.FindAll(); foreach (SearchResult user in srcUsers) { Console.WriteLine("{0} is the primary group of {1}", givenGrpName, user.Properties["cn"][0]); }
更多推荐
如何检索用户在一组,包括小学组用户
发布评论