从 2 个 OU 中查找 Active Directory 用户
- 作者: 许昌S减肥终点站
- 来源: 51数据库
- 2022-10-21
问题描述
我有一个 .Net 应用程序,它从特定 OU (ABCUsers) 中的活动目录读取用户.代码如下:
I have a .Net application that reads user from active directory that is in a specific OU (ABCUsers). The following is the code:
string DomainIP = "some domain IP"; string ContainerConnectionString = "OU=ABCUsers,DC=test,DC=com"; PrincipalContext domain = new PrincipalContext(ContextType.Domain, DomainIP, ContainerConnectionString, ContextOptions.SimpleBind); PrincipalSearcher searcher = new PrincipalSearcher(); UserPrincipal findUser = new UserPrincipal(domain); findUser.SamAccountName = "some username"; searcher.QueryFilter = findUser; UserPrincipal foundUser = (UserPrincipal)searcher.FindOne();
上面的代码工作正常,但我需要更改代码,以便它检索用户是否在 OU=ABCUsers 或 OU=XYZUsers 中,但不在任何其他 OU 中.
The above code works fine, but I need to change the code so that it retrieves a user whether he/she is in OU=ABCUsers or OU=XYZUsers but not in any other OU.
推荐答案
(更新:再读一遍)
(不过我更喜欢下面的全局目录的解决方案,因为它的代码更少,更健壮.)
(I would nevertheless prefer the solution with the Global Catalog below, because it is much less code and more robust.)
因为在不使用 全局目录 时它可能无法与 OR-LDAP-search 字符串一起使用,如下所述,您可以重复上述操作(我想工作)两个 OU 的代码与此类似,例如在单独的函数中(伪代码):
Since it would probably not work with an OR-LDAP-search string when not using the Global Catalog as explained below, you could just kind of repeat the above (I guess working) code for the two OUs similar to this when put e.g. in a separate function (pseudo code):
UserPrincipal findUserInOu( String ou ) {
string DomainIP = "some domain IP";
string ContainerConnectionString = "OU=" + ou + ",DC=test,DC=com";
// ... above code continued
}
UserPrincipal foundUser = findUserInOu("ABCUsers");
if ( foundUser == null )
foundUser = findUserInOu("XYZUsers");
<小时>
GlobalCatalog 解决方案
正如我在这里所说的,使用一些OR-搜索字符串等来完成.似乎对我不起作用,您可能必须使用 Global Catalog 服务(在默认的 端口 3268 上,如果您有 MS Active Directory 否则我不知道其他目录服务是否有此功能).我猜您必须在 PrincipalContext 上指定它,它可能会使用其他一些默认值(389?).
GlobalCatalog solution
As I said here, to do it with some OR-search string etc. did not work for me and it seems, you may have to use the Global Catalog service (on the default port 3268, if you have a MS Active Directory otherwise I don't know if other directory services would have this feature). I guess you would have to specify this on the PrincipalContext which may use some other default (389?).
- C#通过fleck实现wss协议的WebSocket多人Web实时聊天(附源码)
- 团队城市未满足要求:MSBuildTools12.0_x86_Path 存在
- 使用 MSBuild.exe 在发布模式下构建 C# 解决方案
- 当我发布 Web 应用程序时,AfterPublish 脚本不运行
- 构建时 T4 转换的产品仅在下一个构建中使用
- ASP.NET Core Application (.NET Framework) for Windows x64 only error in project.assets.json
- 新的 .csproj 格式 - 如何将整个目录指定为“链接文件"到子目录?
- 如何将条件编译符号(DefineConstants)传递给 msbuild
- MSBuild 支持 Visual Studio 2017 RTM 中的 T4 模板
- NuGet 包还原找不到包,没有源
