使用C#枚举嵌套的AD用户组
发布时间:2020-12-15 21:22:42 所属栏目:百科 来源:网络整理
导读:我编写了一些代码来获取组和嵌套组的所有用户.我还想确保如果组成员资格通过让第一个组成为最后一个组的成员而导致循环,则不会发生循环. 我写的代码工作正常,但有点慢. 这是我第一次尝试做AD查看. 有人可以看看,告诉我代码是好看还是坏编码(或者更糟糕),或者
|
我编写了一些代码来获取组和嵌套组的所有用户.我还想确保如果组成员资格通过让第一个组成为最后一个组的成员而导致循环,则不会发生循环.
我写的代码工作正常,但有点慢. 这是我第一次尝试做AD查看. 有人可以看看,告诉我代码是好看还是坏编码(或者更糟糕),或者我的方法是错误的? using System;
using System.Collections.Generic;
using System.Text;
using System.DirectoryServices;
using System.IO;
namespace Tester3
{
class Program3
{
public static List<string> appGroupList = new List<string>();
public static List<string> userList = new List<string>();
public static List<string> groupList = new List<string>();
public static List<string> groupChecked = new List<string>();
static void Main(string[] args)
{
// Create Output File
StreamWriter outputfile = new StreamWriter("output.txt",false);
appGroupList.Add("GLB-SBCCitrixHelpdesk-DL");
appGroupList.Add("SBC_UKBSAVIA001_PROD_ROL_Siebel");
foreach (string appGroup in appGroupList)
{
string appGroupCN = GetCN(appGroup);
GetMembers(appGroupCN);
groupChecked.Clear();
}
foreach (string item in userList)
{
Console.WriteLine(item);
outputfile.WriteLine(item);
}
outputfile.Flush();
outputfile.Close();
Console.ReadLine();
}
private static string GetCN(string group)
{
string groupCN = string.Empty;
try
{
using (DirectorySearcher search = new DirectorySearcher())
{
search.Filter = "(&(cn=" + group + ")(objectClass=group))";
search.PropertiesToLoad.Add("CN");
SearchResult result = search.FindOne();
if (result != null)
{
groupCN = result.Properties["adsPath"][0].ToString();
groupCN = groupCN.Replace("LDAP://","");
}
return groupCN;
}
}
catch (Exception)
{
return groupCN;
}
}
public static void GetMembers(string group) // get members using the groups full cn
{
// Check if group has already been checked
if (groupChecked.Contains(group))
{
return;
}
// Add group to groupChecked list
groupChecked.Add(group);
try
{
// Connect to group object
using (DirectoryEntry groupObject = new DirectoryEntry("LDAP://" + group))
{
// Get member of group object
PropertyValueCollection col = groupObject.Properties["member"] as PropertyValueCollection;
// Loop through each member
foreach (object member in col)
{
// Connect to member object
using (DirectoryEntry memberObject = new DirectoryEntry("LDAP://" + member))
{
// Get class of member object
string memberClass = memberObject.Properties["objectClass"][1].ToString();
string memberCN = memberObject.Properties["Name"][0].ToString();
if (!groupChecked.Contains(member.ToString()))
{
if (memberClass.ToLower() == "group")
{
GetMembers(member.ToString());
}
else
{
userList.Add(memberCN);
}
}
else
{
if (memberClass.ToLower() != "group")
{
userList.Add(memberCN);
}
}
}
}
}
}
catch (Exception)
{
}
}
}
}
解决方法
如果您使用的是.NET 3.5及更高版本,则应该查看System.DirectoryServices.AccountManagement(S.DS.AM)命名空间.在这里阅读所有相关内容:
> Managing Directory Security Principals in the .NET Framework 3.5 基本上,您可以定义域上下文并轻松查找AD中的用户和/或组: // set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx,"SomeUserName");
if(user != null)
{
// get a user's group memberships
foreach(Principal principal in me.GetGroups())
{
GroupPrincipal gp = (principal as GroupPrincipal);
if(gp != null)
{
// do something with the group
}
}
}
新的S.DS.AM使得在AD中与用户和组玩游戏变得非常容易.对.GetGroups()的调用也会为你处理嵌套组成员资格的所有问题等等 – 不再需要处理那些麻烦了! (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
相关内容
- duilib各种布局的作用,相对布局与绝对布局的的意义与用法
- Swift 3 popup model dialog传递数据
- c# – 使用深度数据 – Kinect
- swift 获取app版本号及 ios 版本号
- ruby-on-rails – 错误:执行gem时…(Errno :: EINVAL)参数
- ruby-on-rails – Rails:new_ * something * _path变量在哪
- postgresql – 使用PSQL命令查找主机名和端口
- React Native 画虚线 DashLine
- [翻译]Swift编程语言——关于Swift
- [每日一题] OCP1z0-047 :2013-07-14 正则表达式...........