ASP.NET 如何获取 Active Directory 中的组列表
Posted
技术标签:
【中文标题】ASP.NET 如何获取 Active Directory 中的组列表【英文标题】:ASP.NET How to get List of Groups in Active Directory 【发布时间】:2010-09-24 07:47:21 【问题描述】:如何在我的 Active Directory 中获取完整的组列表?
【问题讨论】:
【参考方案1】:查看 System.DirectoryServices(ASP.NET 2.0 参考):
C#-获取组的示例:
using System.DirectoryServices;
public class test
private void main()
foreach (string @group in GetGroups())
Debug.Print(@group);
public List<string> GetGroups()
DirectoryEntry objADAM = default(DirectoryEntry);
// Binding object.
DirectoryEntry objGroupEntry = default(DirectoryEntry);
// Group Results.
DirectorySearcher objSearchADAM = default(DirectorySearcher);
// Search object.
SearchResultCollection objSearchResults = default(SearchResultCollection);
// Results collection.
string strPath = null;
// Binding path.
List<string> result = new List<string>();
// Construct the binding string.
strPath = "LDAP://stefanserver.stefannet.local";
//Change to your ADserver
// Get the AD LDS object.
try
objADAM = new DirectoryEntry(strPath);
objADAM.RefreshCache();
catch (Exception e)
throw e;
// Get search object, specify filter and scope,
// perform search.
try
objSearchADAM = new DirectorySearcher(objADAM);
objSearchADAM.Filter = "(&(objectClass=group))";
objSearchADAM.SearchScope = SearchScope.Subtree;
objSearchResults = objSearchADAM.FindAll();
catch (Exception e)
throw e;
// Enumerate groups
try
if (objSearchResults.Count != 0)
foreach (SearchResult objResult in objSearchResults)
objGroupEntry = objResult.GetDirectoryEntry();
result.Add(objGroupEntry.Name);
else
throw new Exception("No groups found");
catch (Exception e)
throw new Exception(e.Message);
return result;
获取组的VB示例:
Imports System.DirectoryServices
Public Class Form1
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
For Each group As String In GetGroups()
Debug.Print(group)
Next
End Sub
Public Function GetGroups() As List(Of String)
Dim objADAM As DirectoryEntry ' Binding object.
Dim objGroupEntry As DirectoryEntry ' Group Results.
Dim objSearchADAM As DirectorySearcher ' Search object.
Dim objSearchResults As SearchResultCollection ' Results collection.
Dim strPath As String ' Binding path.
Dim result As New List(Of String)
' Construct the binding string.
strPath = "LDAP://stefanserver.stefannet.local" 'Change to your ADserver
' Get the AD LDS object.
Try
objADAM = New DirectoryEntry(strPath)
objADAM.RefreshCache()
Catch e As Exception
Throw e
End Try
' Get search object, specify filter and scope,
' perform search.
Try
objSearchADAM = New DirectorySearcher(objADAM)
objSearchADAM.Filter = "(&(objectClass=group))"
objSearchADAM.SearchScope = SearchScope.Subtree
objSearchResults = objSearchADAM.FindAll()
Catch e As Exception
Throw e
End Try
' Enumerate groups
Try
If objSearchResults.Count <> 0 Then
Dim objResult As SearchResult
For Each objResult In objSearchResults
objGroupEntry = objResult.GetDirectoryEntry
result.Add(objGroupEntry.Name)
Next objResult
Else
Throw New Exception("No groups found")
End If
Catch e As Exception
Throw New Exception(e.Message)
End Try
Return result
End Function
End Class
【讨论】:
感谢 Stefan 的精彩帖子...我尝试在我的 Web 应用程序中使用 vb 代码,但似乎不起作用...您能说明一下吗? mcuh 赞赏.._____ @mo,您是否更改了路径/URL 以匹配 您的 AD 服务器?在我的示例中,它不是真正的 AD 服务器。 如何获取特定用户的所有组? 捕获异常,重置它们的调用堆栈,然后再次抛出它们有什么意义?【参考方案2】:Microsoft .NET Framework 提供了一个用于使用 Active Directory 的标准库:System.DirectoryServices namespace 在 System.DirectoryServices.dll 中。
Microsoft 建议使用 System.DirectoryServices 命名空间中的两个主要类:DirectoryEntry 和 DirectorySearcher。大多数情况下,只使用 DirectorySearcher 类就足够了。
您可以在CodeProject article 中找到一些示例。
【讨论】:
以上是关于ASP.NET 如何获取 Active Directory 中的组列表的主要内容,如果未能解决你的问题,请参考以下文章
带有 Active Directory 的 ASP.NET:用户凭据
ASP.NET 表单身份验证和 Active Directory 模拟
由 Azure Active Directory v1 保护的 asp.net 核心 webapi
从 ASP.NET 应用程序使用 Active Directory 时出现 DirectoryServicesCOMException (0x80072020)