如何从 Active Directory 获取属于特定部门的所有用户的列表?

发布于 2024-08-25 06:54:11 字数 120 浏览 10 评论 0原文

这就是我想要做的事情:

我想使用 VB.Net 和 DirectoryServices 从 Active Directory 获取属于特定部门(由用户输入)的所有用户和组的列表。

有什么建议吗?

Here's what I'm trying to do:

I want to get a list of all users and groups that belong to a specific department (entered by the user) from Active Directory using VB.Net and DirectoryServices.

Any suggestions?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

昔梦 2024-09-01 06:54:11

只要您使用 .NET 2.0,那就可能是最好的了。您可以做的就是将“部门”条件添加到您的搜索过滤器中 - 这样,您就可以将其留给 AD 来按部门进行过滤:

Private Sub GetUsersByDepartment(ByVal department as String)
  Dim deGlobal As DirectoryEntry = New DirectoryEntry(ADPath, ADUser, ADPassword)
  Dim ds As DirectorySearcher = New DirectorySearcher(deGlobal)

  ds.Filter = "(&(objectCategory=person)(objectClass=user)(department=" & department & "))"
  ds.SearchScope = SearchScope.Subtree

  For Each sr As SearchResult In ds.FindAll
    Dim newDE As DirectoryEntry = New DirectoryEntry(sr.Path)
    If Not newDE Is Nothing Then
          *Do Something*
    End If
  Next
End Sub

这肯定会有所帮助 - 我希望作为一名 C# 程序员,我没有这样做把你的VB代码搞砸了!

LDAP 过滤器基本上允许您在“anded”括号内包含任意数量的条件(两个条件周围的 (&....) - 您可以轻松地将其扩展到三个条件,就像我一样做过)。

如果您有机会升级到 .NET 3.5,可以使用一个名为 System.DirectoryServices.AccountManagement 的新命名空间,它提供了更好、更“直观”的方法来处理用户、组、计算机、和搜索。

查看 MSDN 文章管理 .NET Framework 3.5 中的目录安全主体 了解更多相关信息。

您可以做的是“按示例搜索”,因此您可以创建一个 UserPrincipal 并设置要过滤的属性,然后将该对象作为“模板”进行搜索:

UserPrincipal user = new UserPrincipal(adPrincipalContext);
user.Department = "Sales";

PrincipalSearcher pS = new PrincipalSearcher(user);

PrincipalSearchResult<Principal> results = pS.FindAll();

// now you could iterate over the search results and do whatever you need to do

确实很整洁!但不幸的是,仅在 .NET 3.5 上......但是等等 - 这只是 .NET 2 之上的一个服务包,真的:-)

As long as you're on .NET 2.0, that's probably as good as it gets. What you could do is add the "department" criteria to your search filter - that way, you'd leave it up to AD to do the filtering by department:

Private Sub GetUsersByDepartment(ByVal department as String)
  Dim deGlobal As DirectoryEntry = New DirectoryEntry(ADPath, ADUser, ADPassword)
  Dim ds As DirectorySearcher = New DirectorySearcher(deGlobal)

  ds.Filter = "(&(objectCategory=person)(objectClass=user)(department=" & department & "))"
  ds.SearchScope = SearchScope.Subtree

  For Each sr As SearchResult In ds.FindAll
    Dim newDE As DirectoryEntry = New DirectoryEntry(sr.Path)
    If Not newDE Is Nothing Then
          *Do Something*
    End If
  Next
End Sub

That would certainly help - I hope as a C# programmer, I didn't screw up your VB code!

The LDAP filter basically allows you to have any number of conditions inside an "anded" bracket (the (&....) around your two conditions - you can easily extend that to three conditions as I did).

If you have a chance to move up to .NET 3.5, there's a new namespace called System.DirectoryServices.AccountManagement available, which offers much better and more "intuitive" approaches for handling users, groups, computers, and searching.

Check out the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 to learn more about this.

What you can do is e.g. "search by example", so you could create a UserPrincipal and set those properties you want to filter on, and then do a search by that object as a "template" almost:

UserPrincipal user = new UserPrincipal(adPrincipalContext);
user.Department = "Sales";

PrincipalSearcher pS = new PrincipalSearcher(user);

PrincipalSearchResult<Principal> results = pS.FindAll();

// now you could iterate over the search results and do whatever you need to do

Quite neat indeed ! But only on .NET 3.5, unfortunately.... but wait - that's just a service pack on top of .NET 2, really :-)

扛刀软妹 2024-09-01 06:54:11

嗯,这就是我的想法。它似乎有效,但我当然愿意接受建议或改进的解决方案。

Private Sub GetUsersByDepartment(ByVal department as String)
  Dim deGlobal As DirectoryEntry = New DirectoryEntry(ADPath, ADUser, ADPassword)
  Dim ds As DirectorySearcher = New DirectorySearcher(deGlobal)

  ds.Filter = "(&(objectCategory=person)(objectClass=user))"
  ds.SearchScope = SearchScope.Subtree

  For Each sr As SearchResult In ds.FindAll
    Dim newDE As DirectoryEntry = New DirectoryEntry(sr.Path)
    If Not newDE Is Nothing Then
      If newDE.Properties.Contains("department") Then
        If newDE.Properties("department")(0).ToString = department Then
          *Do Something*
        End If
      End If
    End If
  Next

End Sub

Well, here's what I came up. It seems to work, but I'm certainly open to suggestions or improved solutions.

Private Sub GetUsersByDepartment(ByVal department as String)
  Dim deGlobal As DirectoryEntry = New DirectoryEntry(ADPath, ADUser, ADPassword)
  Dim ds As DirectorySearcher = New DirectorySearcher(deGlobal)

  ds.Filter = "(&(objectCategory=person)(objectClass=user))"
  ds.SearchScope = SearchScope.Subtree

  For Each sr As SearchResult In ds.FindAll
    Dim newDE As DirectoryEntry = New DirectoryEntry(sr.Path)
    If Not newDE Is Nothing Then
      If newDE.Properties.Contains("department") Then
        If newDE.Properties("department")(0).ToString = department Then
          *Do Something*
        End If
      End If
    End If
  Next

End Sub
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文