查找组名类似的 Active Directory 组

时间:2023-02-18
本文介绍了查找组名类似的 Active Directory 组的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我需要编写一个 C# 脚本,该脚本返回所有组名以特定名称开头的 Active Directory 组.我知道可以使用以下代码返回一组.

I need to write a C# script that returns all the Active Directory groups with group names that start with a certain name. I know can return one group using the following code.

PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
GroupPrincipal grp = GroupPrincipal.FindByIdentity(ctx, IdentityType.Name, "Groupname");

但是,我想要 Groupname 开头的所有组,比如GroupPrefix".然后,我想使用以下代码遍历所有这些组,并将成员"存储在一个数组/列表中,以便稍后用于搜索.

However, I want all the groups where the Groupname starts with, say "GroupPrefix". I then want to traverse all these groups using the following code and store the "members" in an array/list that I can use later for searching.

foreach (UserPrincipal p in grp.GetMembers(true))

如果我能得到任何帮助,我将不胜感激.

I would much appreciate any help that I can get with this.

推荐答案

您可以使用 PrincipalSearcher 和query-by-example"主体进行搜索:

You can use a PrincipalSearcher and a "query-by-example" principal to do your searching:

// create your domain context
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
   // define a "query-by-example" principal - here, we search for a GroupPrincipal 
   // and with the name like some pattern
   GroupPrincipal qbeGroup = new GroupPrincipal(ctx);
   qbeGroup.Name = "GroupPrefix*";

   // create your principal searcher passing in the QBE principal    
   PrincipalSearcher srch = new PrincipalSearcher(qbeGroup);

   // find all matches
   foreach(var found in srch.FindAll())
   {
       // do whatever here - "found" is of type "Principal"
   }
}

如果您还没有 - 绝对阅读 MSDN 文章 在 .NET Framework 3.5 中管理目录安全主体,它很好地展示了如何充分利用 System 中的新功能.DirectoryServices.AccountManagement.或查看 System.DirectoryServices.AccountManagement 上的 MSDN 文档a> 命名空间.

If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement. Or see the MSDN documentation on the System.DirectoryServices.AccountManagement namespace.

当然,根据您的需要,您可能希望在您创建的query-by-example"组主体上指定其他属性:

Of course, depending on your need, you might want to specify other properties on that "query-by-example" group principal you create:

  • DisplayName(通常:名字 + 空格 + 姓氏)
  • SAM 帐户名 - 您的 Windows/AD 帐户名
  • DisplayName (typically: first name + space + last name)
  • SAM Account Name - your Windows/AD account name

您可以指定 GroupPrincipal 上的任何属性,并将这些属性用作 PrincipalSearcher 的示例查询".

You can specify any of the properties on the GroupPrincipal and use those as "query-by-example" for your PrincipalSearcher.

这篇关于查找组名类似的 Active Directory 组的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!

上一篇:如何清除 Active Directory 中的用户对象属性? 下一篇:如何从 ASP.NET Web 服务代码对 Active Directory 进行身

相关文章

最新文章