使用 Sys.AD.AM .Net 3.5 类时的全局编录的 Active Directory 搜索
我正在使用 System.DirectoryServices.AccountManagement 类来查询 Active Directory。
我可以使用各种上下文很好地查询域,但我找到的每个示例都需要域名。
string domain = "MYDOMAIN";
PrincipalContext ctx= new PrincipalContext(ContextType.Domain, domain);
通常这不会成为问题,但是,我们有一些用户存在于子域中。我找到了一种通过从用户的 user.identity.name 中解析域信息来搜索他们的帐户详细信息的方法。
string loggedUser = User.Identity.Name;
string domain = loggedUser.Split(new char { '\\' })[0];
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domain);
using (ctx) {
// Do searches, etc. here
}
我们希望改用 GUID 作为我们的唯一标识符,因为我相信 GUID 在所有域中都是唯一的,而名称可以更改(结婚、离婚等)。
使用旧的目录搜索器 Web 服务,我们能够查询全局目录 (GC) 并找到用户,无论其域或子域如何,因为这些域是受信任的...我正在使用新的 3.5 S 寻找 GC 搜索的相同“功能” .DS.AM 类。有可能吗?
I am using the System.DirectoryServices.AccountManagement class for querying the Active Directory.
I'm able to query the domain using various contexts fine, but every example I've found requires a domain name.
string domain = "MYDOMAIN";
PrincipalContext ctx= new PrincipalContext(ContextType.Domain, domain);
Normally this wouldn't be a problem, however, we have some users who exist on a sub-domain. I've found a means of searching for their account details by parsing the domain information out of their user.identity.name.
string loggedUser = User.Identity.Name;
string domain = loggedUser.Split(new char { '\\' })[0];
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, domain);
using (ctx) {
// Do searches, etc. here
}
We were hoping to swap over to use of GUIDs as our unique identifier, as I am lead to believe that GUIDs are unique across all domains, whereas names can change (marriages, divorces, etc.)
Using an old directory searcher web service, we are able to query the Global Catalog (GC) and find the user regardless of their domain or sub-domain, since the domains are trusted...I'm looking for that same 'feature' of a GC search using the new 3.5 S.DS.AM class. Is it even possible?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
首先,域不是必需的:
但这对您没有帮助。我认为您需要建立一个域列表。然后您可以使用 S.DS.AM 搜索每个域。您可以使用 S.DS.ActiveDirectory 林对象构建域列表。或者,您可以使用 S.DS.DirectorySearcher 使用 GC:// 名称进行 GC 搜索。
First, domain isn't required:
But that doesn't help you. I think you need to build a list of domains. Then you could use S.DS.AM to search each domain. You could build your list of domains using an S.DS.ActiveDirectory Forest object. Or you could do a GC search using S.DS.DirectorySearcher using the GC:// moniker.