使用C#获取Active Directory中的用户的父OU

发布时间：2020-12-15 04:29:37 所属栏目：百科来源：网络整理

导读：我想检查一个用户是否在特定的父OU中. 我怎样才能做到这一点？检查下面的代码,以清楚地描述我正在寻找的内容. using System.DirectoryServices.AccountManagement;public bool IsUserInOU(string samAccountName,string OUName){ using (var context = new

我想检查一个用户是否在特定的父OU中.

我怎样才能做到这一点？

检查下面的代码,以清楚地描述我正在寻找的内容.

using System.DirectoryServices.AccountManagement;

public bool IsUserInOU(string samAccountName,string OUName){

    using (var context = new PrincipalContext(ContextType.Domain))
        {
            using (var user = UserPrincipal.FindByIdentity(context,IdentityType.SamAccountName,samAccountName))
            {                    
                //Check if the user is in the OU specified in OUName
                //Something like:
                //return user.IsInOU(OUName);
            }
         }
}

public void TestIt_1(){
  //The parent OU of this user is "AwesomeOU"
  string samAccountName = "Joe";
  string OUName = "AwesomeOU";
  bool expected = true;
  bool actual = IsUserInOU(samAccountName,OUName);
  Assert.AreEqual(expected,actual);
}

public void TestIt_2(){
  //The parent OU of this user is "WhateverOU"
  string samAccountName = "Mike";
  string OUName = "AwesomeOU";
  bool expected = false;
  bool actual = IsUserInOU(samAccountName,actual);
}

域名：

>国家OU

>真棒OU

乔

>无论OU

>迈克

empi答案后的解决方案1

使用empi给出的信息,我写了以下方法来提取DistinguishedName中的第一个OU.做到这一点,其余的是轻而易举.

public static string GetOUForUser(string samAccountName)
    {
        using (var context = new PrincipalContext(ContextType.Domain))
        {
            using (var user = UserPrincipal.FindByIdentity(context,samAccountName))
            {
                //System.Console.WriteLine(user.DistinguishedName);
                int startIndex = user.DistinguishedName.IndexOf("OU=",1) + 3; //+3 for  length of "OU="
                int endIndex = user.DistinguishedName.IndexOf(",",startIndex);
                var group = user.DistinguishedName.Substring((startIndex),(endIndex - startIndex));
                return group;
            }
        }
    }

JPBlanc答复后的解决方案2

public static string GetOUForUser(string samAccountName)
    {
        using (var context = new PrincipalContext(ContextType.Domain))
        {
            using (var user = UserPrincipal.FindByIdentity(context,samAccountName))
            {
                using (DirectoryEntry deUser = user.GetUnderlyingObject() as DirectoryEntry)
                {
                    using (DirectoryEntry deUserContainer = deUser.Parent)
                    {
                        return deUserContainer.Properties["Name"].Value.ToString();
                    }
                }
            }
        }
    }

解决方法

Ok @Empi解决方案正在运行,但是UserPrincipal构建在DirectoryEntry对象上,该对象提供了一个父或容器属性,只需要给出您要查找的对象,而不使用字符串方式.

/* Retreiving a principal context
 */
PrincipalContext domainContext = new PrincipalContext(ContextType.Domain,"WM2008R2ENT:389","dc=dom,dc=fr","domjpb","MyPwd");

/* Retreive a user
 */
UserPrincipal user = UserPrincipal.FindByIdentity(domainContext,"user1");

/* Retreive the container
 */
DirectoryEntry deUser = user.GetUnderlyingObject() as DirectoryEntry;
DirectoryEntry deUserContainer = deUser.Parent;
Console.WriteLine (deUserContainer.Properties["distinguishedName"].Value);

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!