我今天才刚刚看了看AD以及AD编程方面的东西,看到了在.net中可以使用System.DirectoryServices来操作AD。
DirectoryEntry de = new DirectoryEntry("LDAP://" + DomainText);
//查询
DirectorySearcher src = new DirectorySearcher("(&(objectCategory=person)(objectClass=user))");
//根节点
src.SearchRoot = de;
//搜索范围包含所有子对象
src.SearchScope = System.DirectoryServices.SearchScope.Subtree;
//遍历所有搜索到的节点
foreach(SearchResult res in src.FindAll())
{
foreach(string myKey in res.Properties.PropertyNames)
{
foreach( Object obj in res.Properties[myKey])
{
Console.WriteLine("....................");
}
}
}
1. objectClass=organizationalUnit 查询条件是所有的组织单元(OU)
2. objectClass=group 查询条件是所有的组(GROUP)
3. objectClass=user 查询条件是所有的用户(USER)
private string GetITPartName(string DomainText, string strCurrentUserName, String strITUrl)
{
DirectoryEntry de = new DirectoryEntry("LDAP://" + DomainText);
DirectorySearcher ds = new DirectorySearcher("name=" + strCurrentUserName);
ds.SearchRoot = de;
ds.SearchScope = SearchScope.Subtree;
DirectoryEntry des = ds.FindOne().GetDirectoryEntry();
foreach (string str in strITUrl.Split('/'))
{
if (string.IsNullOrEmpty(str))
return null;
if (str == "..")
des = des.Parent;
else
{
ds.SearchRoot = des.Parent;
ds.Filter = "name=" + str;
des = ds.FindOne().GetDirectoryEntry();
}
}
//ds.SearchRoot = des;
//ds.Filter = "title=" + strTitle;
//des = ds.FindOne();
return des.Properties["name"][0].ToString();
}