如果我們想使用LDAP Provider,透過群組名稱取得所有的成員,應該如何做呢?
下面範例會傳回一組帳號和FullName的Dictionary資料:
public static Dictionary
{
Dictionary
DirectoryEntry domain = new DirectoryEntry(ldapPath , uName, pwd);
DirectorySearcher search = new DirectorySearcher(domain);
search.SearchScope = SearchScope.Subtree;
//搜尋條件
search.Filter = string.Format("(&(objectclass=Group)(cn={0}))",groupName);
SearchResult result = search.FindOne();
if (result != null)
{
DirectoryEntry gEntry = result.GetDirectoryEntry();
DirectoryEntry mEntry;
IADsUser iu;
DataRow dr;
//叫用 Group 的 Members
object members = gEntry.Invoke("Members", null);
foreach (object mb in (IEnumerable)members)
{
mEntry = new DirectoryEntry(mb);
if (mEntry.SchemaClassName == "user")
{
iu = (IADsUser)mEntry.NativeObject;
rv.Add(iu.Name.Split('=')[1],iu.FullName));
}
}
}
return rv;
}
*使用IADsUser的COM介面,可以輕鬆取得User的屬性。
沒有留言:
張貼留言