一、 查询是否存在指定的AD账号:
using
(DirectoryEntry de
=
new
DirectoryEntry(
"
LDAP://RootDSE
"
))
... {
string DCName = (string)de.Properties["defaultNamingContext"][0];
using (DirectoryEntry DC = new DirectoryEntry("LDAP://" + DCName))
...{
using (DirectorySearcher deSearch = new DirectorySearcher( ))
...{
deSearch.SearchRoot = DC;
deSearch.SearchScope = SearchScope.Subtree;
deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=" + myAccountName+ "))";
using (SearchResultCollection results = deSearch.FindAll( ))
...{
if (results.Count == 0)
...{
return false;
}
return true;
}
}
}
}
... {
string DCName = (string)de.Properties["defaultNamingContext"][0];
using (DirectoryEntry DC = new DirectoryEntry("LDAP://" + DCName))
...{
using (DirectorySearcher deSearch = new DirectorySearcher( ))
...{
deSearch.SearchRoot = DC;
deSearch.SearchScope = SearchScope.Subtree;
deSearch.Filter = "(&(&(objectCategory=person)(objectClass=user))(sAMAccountName=" + myAccountName+ "))";
using (SearchResultCollection results = deSearch.FindAll( ))
...{
if (results.Count == 0)
...{
return false;
}
return true;
}
}
}
}
二、SearchScope.Base的使用
当我们需要在一个多值的属性中查询时,就可以使用SearchScope.Base,例如,当我们要查询组myGroup中的Member中的所有组成员时,我们就可以使用SearchScope.Base 与 DirectorySearcher对象的AttributeScopeQuery属性来进行查询。
//
这里的ADPath是要进行查询的group的AD中的路径,如 "LDAP:
//
YourServerName/OU=Group,O=Microsoft,C=US
using (DirectoryEntry group = DirectoryEntry(ADPath, ADUser, ADPassword, AuthenticationTypes.Secure))
... {
string filter = "(objectClass=Group)";
string[ ] properties = new string[ ] ......{ "cn", "displayname", "distinguidshedName" };
using (DirectorySearcher search = new DirectorySearcher(group, filter, properties, SearchScope.Base))
...{
search.AttributeScopeQuery = "member";
using (SearchResultCollection results = search.FindAll( ))
...{
for (int i = 0; i < results.Count; i++)
...{
using (DirectoryEntry de = results[i].GetDirectoryEntry( ))
...{
// add your process code....
}
}
}
}
}
using (DirectoryEntry group = DirectoryEntry(ADPath, ADUser, ADPassword, AuthenticationTypes.Secure))
... {
string filter = "(objectClass=Group)";
string[ ] properties = new string[ ] ......{ "cn", "displayname", "distinguidshedName" };
using (DirectorySearcher search = new DirectorySearcher(group, filter, properties, SearchScope.Base))
...{
search.AttributeScopeQuery = "member";
using (SearchResultCollection results = search.FindAll( ))
...{
for (int i = 0; i < results.Count; i++)
...{
using (DirectoryEntry de = results[i].GetDirectoryEntry( ))
...{
// add your process code....
}
}
}
}
}