如何使用用户主体上下文从 Active Directory 检索电话号码

发布于 2025-01-17 13:13:20 字数 1114 浏览 0 评论 0 原文

此代码可完美地使用用户名和密码从Active Directory获取电话号码

    public string GetPhone(string domain, string username, string pwd)
    {
        _path = "LDAP://" + domain;
        string domainAndUsername = domain + @"\" + username;
        DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);
        string telephoneNumber = string.Empty;

        try
        {
            object obj = entry.NativeObject;
            DirectorySearcher search = new DirectorySearcher(entry);

            SearchResult result = search.FindOne();

            var myEntry = result.GetDirectoryEntry();
            telephoneNumber = myEntry.Properties["telephoneNumber"].Value.ToString();
        }
        catch (Exception ex)
        {

            throw new Exception("Error obtaining phone number. " + ex.Message);
        }
        return telephoneNumber;
    }

，但是，我只能在登录页面上访问用户密码。我确实正在生成用户上下文，尽管可以从应用程序中的任何位置访问（ context.user ，它是 system.security.principal.iprincipal 类型）

，因此如何我可以使用已经可用的 context.user 对象从Active Directory获取手机吗？

非常感谢您

原文

This code works perfectly to get the phone number from Active Directory using the username and password

    public string GetPhone(string domain, string username, string pwd)
    {
        _path = "LDAP://" + domain;
        string domainAndUsername = domain + @"\" + username;
        DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, pwd);
        string telephoneNumber = string.Empty;

        try
        {
            object obj = entry.NativeObject;
            DirectorySearcher search = new DirectorySearcher(entry);

            SearchResult result = search.FindOne();

            var myEntry = result.GetDirectoryEntry();
            telephoneNumber = myEntry.Properties["telephoneNumber"].Value.ToString();
        }
        catch (Exception ex)
        {

            throw new Exception("Error obtaining phone number. " + ex.Message);
        }
        return telephoneNumber;
    }

However, I have access to the user password only on the login page. I do have the User context being generated though that is accessible from anywhere within the application (Context.User which is of System.Security.Principal.IPrincipal type)

Thus, how can I get the phone from Active Directory using an already available Context.User object?

Thank you very much in advance

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

情场扛把子 2025-01-24 13:13:20

您获得的User对象将具有用户的SID。这样，您可以使用 DirectoryEntry中的SID绑定LDAP路径：LDAP://

var user = new DirectoryEntry(
    $"LDAP://<SID={((WindowsIdentity) HttpContext.User.Identity).User.Value}>");

user.RefreshCache(new [] { "telephoneNumber" });
var telephoneNumber = user.Properties["telephoneNumber"]?.Value as string;

RefreshCache 是仅加载telephoneNumber 属性。否则，当您第一次使用.Properties时，它将检索每个属性，这会浪费时间和带宽。

The User object you get will have the SID of the user. With that, you can use the SID binding LDAP path in DirectoryEntry: LDAP://<SID=XXXXX>

var user = new DirectoryEntry(
    quot;LDAP://<SID={((WindowsIdentity) HttpContext.User.Identity).User.Value}>");

user.RefreshCache(new [] { "telephoneNumber" });
var telephoneNumber = user.Properties["telephoneNumber"]?.Value as string;

The use of RefreshCache is to load only the telephoneNumber attribute. Otherwise, when you first use .Properties, it will retrieve every attribute, which is a waste of time and bandwidth.

回复收藏 0 原文

坦然微笑 2025-01-24 13:13:20

看起来我过度复杂化了一切，解决方案很简单

    private void SetPhone()
    {
        DirectoryEntry entryDomain = new DirectoryEntry("LDAP://" + domain);
        DirectorySearcher ds = new DirectorySearcher(entryDomain);

        string lastName = Context.User.Identity.Name.Split(' ')[Context.User.Identity.Name.Split(' ').Length - 1];

        ds.Filter = "(sn=" + lastName + ")";
        SearchResult sr = ds.FindOne();

        string telephoneNumber = sr.Properties["telephoneNumber"][0].ToString();
        telephoneNumber = telephoneNumber.Insert(0, "(").Insert(4, ")").Insert(5, " ").Insert(9, "-");
        Session["UserPhone"] = String.Format("{0:(###) ###-####}", telephoneNumber); ;
    }

Looks like I overcomplicated everything and solution is quite simple

    private void SetPhone()
    {
        DirectoryEntry entryDomain = new DirectoryEntry("LDAP://" + domain);
        DirectorySearcher ds = new DirectorySearcher(entryDomain);

        string lastName = Context.User.Identity.Name.Split(' ')[Context.User.Identity.Name.Split(' ').Length - 1];

        ds.Filter = "(sn=" + lastName + ")";
        SearchResult sr = ds.FindOne();

        string telephoneNumber = sr.Properties["telephoneNumber"][0].ToString();
        telephoneNumber = telephoneNumber.Insert(0, "(").Insert(4, ")").Insert(5, " ").Insert(9, "-");
        Session["UserPhone"] = String.Format("{0:(###) ###-####}", telephoneNumber); ;
    }

回复收藏 0 原文

~没有更多了~