是否有一个 .NET 类可以解析 LDAP 中的 CN= 字符串

时间:2023-02-19
本文介绍了是否有一个 .NET 类可以解析 LDAP 中的 CN= 字符串?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个字符串,我从 LDAP 中获取它用于 Active Directory 组成员身份,我需要解析它以检查用户是否是 AD 组的成员.有没有可以帮我解析这个的类?

示例:

CN=Foo 组名,DC=mydomain,DC=com

解决方案

另外,如果你查询一个群成员的AD,你就可以直接比较所有成员的distinguishedName,而无需通过System.DirectoryServices 命名空间的 >DirectoryEntry 类.

否则,我只是不知道某处有这样的课程.=)

希望这无论如何都会有所帮助!

编辑 #1

这是一个链接,我从中学到了很多关于 AD 和 System.DirectoryServices 命名空间的知识:Howto:(几乎)Active Directory 中的所有内容通过 C#

我将在几天后为您提供示例代码,如果您仍然需要它,我将在其中使用 System.DirectoryServices.DirectorySearcher 对象类来检索组的成员.

我希望这个链接能像对我一样帮助你!=)

编辑#2

这是我告诉过您的代码示例.这应该可以更有效地查询 AD,而无需来回处理 AD.

public IListGetMembers(字符串组名){if (string.IsNullOrEmpty(groupName))throw new ArgumentNullException("groupName");IList<字符串>members = new List();DirectoryEntry root = new DirectoryEntry(@"LDAP://my.domain.com");DirectorySearcher 搜索者 = 新 DirectorySearcher();searcher.SearchRoot = 根;searcher.SearchScope = SearchScope.Subtree;searcher.PropertiesToLoad.Add("member");searcher.Filter = string.Format("(&(objectClass=group)(sAMAccountName={0}))", groupName);SearchResult 结果 = searcher.FindOne();DirectoryEntry groupFound = result.GetDirectoryEntry();for (int index = 0; index <((object[])groupFound.Properties["member"].Value).Length; ++index)members.Add((string)((object[])groupFound.Properties["member"].Value)[index]);回归会员;}

<块引用>

免责声明:此代码按原样提供.我在我的本地机器上测试了它,它工作得很好.但是因为我不得不在这里重新输入它,因为我不能只是复制粘贴它,所以我在输入时可能犯了一些错误,我希望没有发生.

I've got a string that I'm fetching from LDAP for Active Directory group membership and I need to parse it to check if the user is a member of the AD group. Is there a class that can parse this for me?

Example:

CN=Foo Group Name,DC=mydomain,DC=com

解决方案

Besides, if you query the AD for a group members, you'll be able to compare all of the members' distinguishedName's directly without parsing code through the DirectoryEntry class of the System.DirectoryServices namespace.

Otherwise, I just don't know of such a class somewhere. =)

Hope this helps anyway somehow !

EDIT #1

Here's a link from which I have learned a lot working with the AD and the System.DirectoryServices namespace: Howto: (Almost) Everything In Active Directory via C#

I shall provide you with a sample code in a few days, if you still require it, where I will use the System.DirectoryServices.DirectorySearcher object class to retrieve the members of a group.

I hope this link will help you as it did for me! =)

EDIT #2

Here's the code sample I told you about. This should make it more efficient to query against the AD without having to work bakc and forth the AD.

public IList<string> GetMembers(string groupName) {
    if (string.IsNullOrEmpty(groupName))
        throw new ArgumentNullException("groupName");

    IList<string> members = new List<string>();

    DirectoryEntry root = new DirectoryEntry(@"LDAP://my.domain.com");
    DirectorySearcher searcher = new DirectorySearcher();
    searcher.SearchRoot = root;
    searcher.SearchScope = SearchScope.Subtree;
    searcher.PropertiesToLoad.Add("member");

    searcher.Filter = string.Format("(&(objectClass=group)(sAMAccountName={0}))", groupName);

    SearchResult result = searcher.FindOne();
    DirectoryEntry groupFound = result.GetDirectoryEntry();
    for (int index = 0; index < ((object[])groupFound.Properties["member"].Value).Length; ++index)
        members.Add((string)((object[])groupFound.Properties["member"].Value)[index]);

    return members;

}

Disclaimer : This code is provided as-is. I tested it on my local machine and it works perfectly fine. But since I had to retype it here because I couldn't just copy-paste it, I have perhaps made some mistakes while typing, which I wish didn't occur.

这篇关于是否有一个 .NET 类可以解析 LDAP 中的 CN= 字符串?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!

上一篇:通过 .net 获取 Active Directory 组中的用户名 下一篇:以编程方式确定当前域控制器

相关文章

最新文章