当前位置：文江博客话题详情

Active Directory：获取所有“安全组”

发布于 12-03 06:36 字数 71 浏览 3 评论 0原文

我希望在 Active Diectory 中获得所有可用的“安全组”组。

有什么想法吗？

谢谢，

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

倚栏听风2024-12-10 06:36:15

由于您使用的是 .NET 3.5 或更高版本，因此您可以使用 PrincipalSearcher 和“按示例查询”主体进行搜索：

// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// define a "query-by-example" principal - here, we search for a GroupPrincipal 
// with the security group flag set
GroupPrincipal qbeGroup = new GroupPrincipal(ctx);
qbeGroup.IsSecurityGroup = true;

// create your principal searcher passing in the QBE principal    
PrincipalSearcher srch = new PrincipalSearcher(qbeGroup);

// find all matches
foreach(var found in srch.FindAll())
{
    // do whatever here - "found" is of type "Principal" - it could be user, group, computer.....          
}

如果您还没有 - 请务必阅读 MSDN 文章管理 .NET Framework 中的目录安全主体3.5 很好地展示了如何充分利用 System.DirectoryServices.AccountManagement 中的新功能

Since you're on .NET 3.5 or higher, you can use a PrincipalSearcher and a "query-by-example" principal to do your searching:

// create your domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// define a "query-by-example" principal - here, we search for a GroupPrincipal 
// with the security group flag set
GroupPrincipal qbeGroup = new GroupPrincipal(ctx);
qbeGroup.IsSecurityGroup = true;

// create your principal searcher passing in the QBE principal    
PrincipalSearcher srch = new PrincipalSearcher(qbeGroup);

// find all matches
foreach(var found in srch.FindAll())
{
    // do whatever here - "found" is of type "Principal" - it could be user, group, computer.....          
}

If you haven't already - absolutely read the MSDN article Managing Directory Security Principals in the .NET Framework 3.5 which shows nicely how to make the best use of the new features in System.DirectoryServices.AccountManagement

回复收藏 0 原文

萌逼全场2024-12-10 06:36:15

试试这个方法，

           DirectoryEntry ent1 = new DirectoryEntry("LDAP://" + _path, 
           "adminUser", "***********");

            DirectorySearcher dSearch = new DirectorySearcher(ent1);

            dSearch.Filter = "(&(objectClass=group))";

            dSearch.SearchScope = SearchScope.Subtree;

            SearchResultCollection results = dSearch.FindAll();
            List<string> groupNames = new List<string>();

            for (int i = 0; i < results.Count; i++)
            {
                DirectoryEntry de = results[i].GetDirectoryEntry();

                groupNames.Add(de.Name.Replace("CN=", ""));


            }

它对我有用:)

Try this way

           DirectoryEntry ent1 = new DirectoryEntry("LDAP://" + _path, 
           "adminUser", "***********");

            DirectorySearcher dSearch = new DirectorySearcher(ent1);

            dSearch.Filter = "(&(objectClass=group))";

            dSearch.SearchScope = SearchScope.Subtree;

            SearchResultCollection results = dSearch.FindAll();
            List<string> groupNames = new List<string>();

            for (int i = 0; i < results.Count; i++)
            {
                DirectoryEntry de = results[i].GetDirectoryEntry();

                groupNames.Add(de.Name.Replace("CN=", ""));


            }

It's working for me :)

回复收藏 0 原文

~没有更多了~