在 Sharepoint 中查找用户组 SID
我需要在我的 Sharepoint (2007) Web 部件中找出当前用户所属的所有 AD 组 SID。
我想使用 System.DirectoryServices.AccountManagement 命名空间:
using (var context = new PrincipalContext( ContextType.Domain ))
{
using (var user = UserPrincipal.FindByIdentity( context, accountName ))
{
var groups = user.GetAuthorizationGroups();
...
}
}
,但出现以下错误:
事件 ID:10016 通过权限设置(特定于应用程序)是地址localhost(使用LRPC)的用户NT AUTHORITY \ NETWORK SERVICE的SID(S-1-5-20)无权激活(本地)具有CLSID的COM服务器应用程序 {61738644-F196-11D0-9953-00C04FD919C1}
此问题可能已通过 http://support.microsoft 修复。 com/kb/899965 但这种方法需要更改注册表值(应用程序的所有权,因此您可以在 dcomcnfg 中更改应用程序值)以及稍后在 dcomcnfg 的 COM 安全性中更改用户权限,这对我来说不是一个选择。
是否有另一种方法可以访问 Sharepoint 内当前用户的组 SID?
我真的希望能够在 SPContext.Current.Web.CurrentUser.Groups 中找到这些值,但显然不是。
I need to find out all AD groups SIDs that current user belongs to inside my Sharepoint (2007) webpart.
I wanted to use System.DirectoryServices.AccountManagement namespace:
using (var context = new PrincipalContext( ContextType.Domain ))
{
using (var user = UserPrincipal.FindByIdentity( context, accountName ))
{
var groups = user.GetAuthorizationGroups();
...
}
}
, but I get the following error:
Event ID: 10016
Through the permission settings (application specific) is the SID (S-1-5-20) for user NT AUTHORITY \ NETWORK SERVICE of address localhost (Using LRPC) is not authorized to activate (Local) for the COM Server application with CLSID
{61738644-F196-11D0-9953-00C04FD919C1}
This might be fixed with this http://support.microsoft.com/kb/899965
but this approach requires changing registry values (the ownership of the application, so you can change apps values at dcomcnfg) and later User Permissions at dcomcnfg's COM security, which isn't an option for me.
Is there another way to access Current user's groups SIDs inside Sharepoint?
I really hoped I can find these values in SPContext.Current.Web.CurrentUser.Groups, but apparently not.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您需要在此处采用 SharePoint 方式,而不是使用
System程序集,而是使用 SharePoint 程序集。每个用户的 SID 位于
SPUser 中.Sid属性。由于您只想查找 AD 组,因此您可以检查SPUser的.IsDomainGroup属性。现在您需要做的就是检查当前用户:'SPContext.Current.Web.CurrentUser
(aSPUser` 对象)。要回答如何获取用户所属的所有组的问题,您实际上将需要使用
System.DirectoryServices。以下 stackoverflow 帖子中显示了您的问题的解决方案:简而言之:
SPUser对象以及通过DirectoryServices查询 Active DirectoryYou need to go the SharePoint way here and not use
Systemassemblies, but the SharePoint ones.The SID of each user is in the
SPUser.SidProperty. As you want to look for AD groups only you can check the.IsDomainGroupProperty ofSPUser.Now all you need to do is check the current user: ´SPContext.Current.Web.CurrentUser
(aSPUser` object).To answer your question how to get all groups a user belongs to, you actually will need to use
System.DirectoryServices. A solution for your problem is shown in the following stackoverflow posts:So in short:
SPUserobject as well as querying the Active Directory viaDirectoryServices