当前位置: 文江博客话题详情

如何验证Windows用户?

发布于 2025-01-02 20:17:08 字数 1859 浏览 4 评论 0原文

我使用以下代码来验证属于我们公司域的用户。这很好用。

using (var entry = new DirectoryEntry(""))
{
    DirectorySearcher ds = new DirectorySearcher(entry);

    ds.Filter = "(|(&(objectCategory=user)(name=domainuser)))";
    ds.PropertyNamesOnly = true;
    ds.PropertiesToLoad.Add("name");
    ds.ReferralChasing = ReferralChasingOption.None;

    SearchResultCollection src = ds.FindAll();

    bool isValid = false;
    try
    {
        foreach (SearchResult sr in src)
        {
            DirectoryEntry de = sr.GetDirectoryEntry();
            de.Password = "domainpassword";
            object nativeObject = de.NativeObject;


            if (nativeObject != null)
                isValid = true;

            break;
        }
    }
    catch (DirectoryServicesCOMException ex) {}

    return isValid;
}

实际问题是我需要在笔记本电脑 (MYINSTANCE) 中创建一个 LDAP 实例,然后需要以编程方式创建用户。我能够创建用户并迭代他们。

现在,对于此类用户,我无法验证用户名和密码。

我所做的更改如下。

using (var entry = new DirectoryEntry("LDAP://MYPC:389/CN=MYINSTANCE,DC=COMPANYDOMAIN,DC=com", "domainuser", "domainpassword", AuthenticationTypes.Secure))
{
    DirectorySearcher ds = new DirectorySearcher(entry);

    ds.Filter = "(|(&(objectCategory=user)(name=instanceuser)))";
    ds.PropertyNamesOnly = true;
    ds.PropertiesToLoad.Add("name");
    ds.ReferralChasing = ReferralChasingOption.None;

    SearchResultCollection src = ds.FindAll();

    bool isValid = false;
    try
    {
        foreach (SearchResult sr in src)
        {
            DirectoryEntry de = sr.GetDirectoryEntry();
            de.Password = "instancepassword";
            object nativeObject = de.NativeObject;


            if (nativeObject != null)
                isValid = true;

            break;
        }
    }
    catch (DirectoryServicesCOMException ex) {}

    return isValid;
}
原文

I use the following code to validate the users who belong to our company domain. This works fine.

using (var entry = new DirectoryEntry(""))
{
    DirectorySearcher ds = new DirectorySearcher(entry);

    ds.Filter = "(|(&(objectCategory=user)(name=domainuser)))";
    ds.PropertyNamesOnly = true;
    ds.PropertiesToLoad.Add("name");
    ds.ReferralChasing = ReferralChasingOption.None;

    SearchResultCollection src = ds.FindAll();

    bool isValid = false;
    try
    {
        foreach (SearchResult sr in src)
        {
            DirectoryEntry de = sr.GetDirectoryEntry();
            de.Password = "domainpassword";
            object nativeObject = de.NativeObject;


            if (nativeObject != null)
                isValid = true;

            break;
        }
    }
    catch (DirectoryServicesCOMException ex) {}

    return isValid;
}

The actual problem is that I need to create an LDAP instance in my laptop (MYINSTANCE) and then I need to create users programmatically. I'm able to create users and iterate through them.

Now for such users I'm not able to validate the user name and password.

The change I made was as below.

using (var entry = new DirectoryEntry("LDAP://MYPC:389/CN=MYINSTANCE,DC=COMPANYDOMAIN,DC=com", "domainuser", "domainpassword", AuthenticationTypes.Secure))
{
    DirectorySearcher ds = new DirectorySearcher(entry);

    ds.Filter = "(|(&(objectCategory=user)(name=instanceuser)))";
    ds.PropertyNamesOnly = true;
    ds.PropertiesToLoad.Add("name");
    ds.ReferralChasing = ReferralChasingOption.None;

    SearchResultCollection src = ds.FindAll();

    bool isValid = false;
    try
    {
        foreach (SearchResult sr in src)
        {
            DirectoryEntry de = sr.GetDirectoryEntry();
            de.Password = "instancepassword";
            object nativeObject = de.NativeObject;


            if (nativeObject != null)
                isValid = true;

            break;
        }
    }
    catch (DirectoryServicesCOMException ex) {}

    return isValid;
}

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

淡笑忘祈一世凡恋 2025-01-09 20:17:08

如果您使用 .NET 3.5 或更高版本,则可以使用 System.DirectoryServices.AccountManagement 命名空间并轻松验证您的凭据:

// create a "principal context" - e.g. your domain (could be machine, too)
using(PrincipalContext pc = new PrincipalContext(ContextType.Domain, "MYINSTANCE", 
                                "CN=MYINSTANCE,DC=COMPANYDOMAIN,DC=com", 
                                ContextType.SecureSocketLayer,
                                "domainuser", "domainpassword")
{
    // validate the credentials
    bool isValid = pc.ValidateCredentials("myuser", "mypassword");
}

它简单、可靠,它是 100% C# 托管代码 - 什么你还能要求更多吗? :-)

在这里阅读所有相关内容:

If you work on .NET 3.5 or higher, you can use the System.DirectoryServices.AccountManagement namespace and easily verify your credentials:

// create a "principal context" - e.g. your domain (could be machine, too)
using(PrincipalContext pc = new PrincipalContext(ContextType.Domain, "MYINSTANCE", 
                                "CN=MYINSTANCE,DC=COMPANYDOMAIN,DC=com", 
                                ContextType.SecureSocketLayer,
                                "domainuser", "domainpassword")
{
    // validate the credentials
    bool isValid = pc.ValidateCredentials("myuser", "mypassword");
}

It's simple, it's reliable, it's 100% C# managed code on your end - what more can you ask for? :-)

Read all about it here:

回复 原文
~没有更多了~

关于作者

月亮邮递员

暂无简介

文章
评论
29 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

5040234068

文章 0 评论 0

樱花雨梦

文章 0 评论 0

≈。彩虹

文章 0 评论 0

雨轻弹

文章 0 评论 0

血之狂魔

文章 0 评论 0

qq_0bIjwE

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文